Apply 2FA to all project Google accounts

[Rabia2219]

Overview

We need to apply 2FA to all project Google accounts so that people don't need to have Bonnie or someone else's phone number on the email account to grant access.

Action Items

• [x] Follow instructions in resource 1.0
• [x] Message team on Slack using resource 2.0 about new authentication process

Resources/Instructions

1.0 Guide: How to Set Up 2-Step Verification in a Google Account Using 1Password 2.0 Slack message

Hi team,
We have setup a new 2FA verification system for our Google account so Bonnie's or anyone else's number is no longer required to receive codes. Please follow instructions in [Guide: Log into a Google Account with 2-Step Verification Using 1Password](https://docs.google.com/document/d/1hL3gYqoV6EWl4bUa2VYLgq0N__CjTvSw4Da2M4x2Hxk/edit) when logging into the project's Gmail account(s) through 1password. Thanks.

3.0 Guide: Log into a Google Account with 2-Step Verification Using 1Password 4.0 Guide: How to Troubleshoot Using 1Password's One-time Password and How to Use Backup Codes 5.0 HfLA Email addresses as of 2022-12-26

Projects to add 2FA

Active

• [x] 311
• [x] 100 Automations
• [x] Access the Data
• [x] BallotNav
• [x] Brigade Organizer's Playbook
• [x] Civic Tech Jobs
• [x] Design Systems
• [x] Expunge-Assist
• [x] Food Oasis
• [x] Guides
• [x] HackforLA.org
• [x] HomeUniteUs
• [x] Internship project / Tech Work Experience
• [ ] LA TDM
• [x] Lucky Parking
• [x] Open Community Survey
• [ ] ~People Depot~
• [x] VRMS
• [ ] ~Write for All~
• [x] Youth Justice Nav
• [x] CoP - Ops
• [x] CoP - UI/UX
• [x] CoP - Product
• [x] CoP - Engineering
• [x] CoP - Data Science
• [x] Drive Migration
• [x] Zoom1
• [x] Zoom2
• [x] Zoom3
• [x] Zoom4

  On Hold

• [x] Civic Opportunity Project
• [x] Civic Tech Index
• [x] Civic Tech Structure
• [x] Engage
• [x] GreenEarthOS
• [x] Racial Justice Project
• [x] Tables team
• [x] livestream
• [x] CoP - Marketing

[Rabia2219]

Log into your teams project email

[ExperimentsInHonesty]

TDM Calculator has the following issues Must setup 2FA for tdm-ux@hackforla.org websiteadmin@govcalc.org

There is a login in the TDM Calculator - Dev vault that is similar to another login tdm+sendgrid@hackforla.org, ask john what this is about. Is it an email or is it a login to sendgrid

In John's email he says

For the TDM project: We have two 1Password vaults for TDM: the "TDM Calculator Dev" vault is used for the most sensitive accounts that are used to access AWS and other production services. Though production services use the tdm@hackforla.org Google account/email, we elected to put the credentials for the Google account in the second, less restricted vault, The second 1Password vault is TDM Calculator - General, which includes logins, etc. that are deemed safe for PMs and Team Lead to access. In general logins here should use the tdmcalcproject@hackforla.org Google account, and the Login credentials for the tdmcalcproject@hackforla.org Google/email account are in this vault.

However, the email tdm@hackforla.org is where the calendar is, so lets determine which email accounts are used for what.

This email has been setup with authenticator but does not have the backup codes tdmcalcproject@gmail.com

There is no email tdmcalcproject@hackforla.org . I checked gsuite.

Potential solution for replacing current 2FA based on john's phone in sendgrid account

1. Figure out how to automate sending a text message to the google phone
2. setup google phone to tdm@hackforla.org
3. forward sms messages from the phone number to tdm-phone@hackforla.org https://messagedesk.com/blog/google-voice-text-messages/
4. go into email adjust the forwarding using the instructions here https://github.com/hackforla/product-management/wiki/Forward-emails-to-team-members
5. remove the 2fa authenticator app from sendgrid account and reinstall it to use sms and use the new google phone number

[Rabia2219]

Note: Delete after confirming with Bonnie GreenEarthOS: The recovery phone number is Sayali's number - 6694670042

[ExperimentsInHonesty]

Post draft 1

Note from the Hack for LA #admin team
📣 We have set up a new  2FA verification system for our Gmail accounts, so Bonnie's or anyone else's number is no longer required to receive access. 

📄 Please follow instructions in [Guide: Log into a Google Account with 2-Step Verification Using 1Password](https://docs.google.com/document/d/1hL3gYqoV6EWl4bUa2VYLgq0N__CjTvSw4Da2M4x2Hxk/edit) when 🗝️logging into the project's Gmail account(s).

🏆 _This is part of an org level improvement across all projects, more announcements to come..._

[ExperimentsInHonesty]

Pin for product-management slack channel

📄 Guide: Log into a Google Account with 2-Step Verification Using 1Password when 🗝️ logging into a project's Gmail account(s).

added on 2022-12-29

[ExperimentsInHonesty]

Post for project slacks

Note from the Hack for LA #admin team 📣 We have spent the month of December working on a variety of Org level initiatives that will improve how your team accesses resources and receives support.

☑️ If you are PM on this project, please make sure you are subscribed to the #product-managment slack channel to get notified when new announcements are made. The announcements are also available in the Admin Announcements WIKI

The first announcement will be about a new way to log into your project's email account 🗝️

🏆 This is part of an org level improvement across all projects, more cool stuff on the way...

[ExperimentsInHonesty]

Bookmark for product-management slack channel

Admin Announcements WIKI

added on 2022-12-29