Google Cloud は、可能な限り強力なセキュリティをお客様に提供できるよう努めています。アカウントと機密情報を安全に保つために、お客様の ID を保護することを優先しています。 この取り組みを継続するため、Google はすべての Google Cloud のお客様にアカウントで多要素認証(MFA)を有効にするよう段階的に義務付けています。
Google からのメッセージ: 別のデバイスで Google アカウントにログインしている場合は、そのデバイスにログインしようとしているのが自分かどうかを尋ねるメッセージが表示されます。ブラウザ、タブレット、スマートフォンで本人確認を行うことができます。詳しくは、Google からのメッセージを使用してログインするをご覧ください。
[[["わかりやすい","easyToUnderstand","thumb-up"],["問題の解決に役立った","solvedMyProblem","thumb-up"],["その他","otherUp","thumb-up"]],[["わかりにくい","hardToUnderstand","thumb-down"],["情報またはサンプルコードが不正確","incorrectInformationOrSampleCode","thumb-down"],["必要な情報 / サンプルがない","missingTheInformationSamplesINeed","thumb-down"],["翻訳に関する問題","translationIssue","thumb-down"],["その他","otherDown","thumb-down"]],["最終更新日 2025-09-04 UTC。"],[[["\u003cp\u003eGoogle Cloud is mandating Multi-Factor Authentication (MFA) for all users to enhance account security, as MFA reduces the likelihood of hacking by 99%.\u003c/p\u003e\n"],["\u003cp\u003eMFA enforcement will require users to have it enabled to access the Google Cloud console, Google Cloud CLI, and Firebase console, but it will not affect other services such as Google Workspace or YouTube.\u003c/p\u003e\n"],["\u003cp\u003eThe timeline for MFA enforcement varies by account type, with personal Google Accounts required to implement it by May 12, 2025, and other enterprise accounts varying after this date.\u003c/p\u003e\n"],["\u003cp\u003eUsers will receive reminders in the Google Cloud console and via email at least 90 days before enforcement, or 60 days for reseller accounts, and various methods are available to set up MFA, including prompts, security keys, and authenticator apps.\u003c/p\u003e\n"],["\u003cp\u003eService accounts and user access to applications running on Google Cloud are not impacted, but if you use your account to impersonate a service account you will be required to use MFA.\u003c/p\u003e\n"]]],[],null,["Google Cloud strives to provide its customers with the strongest security\npossible. We prioritize protecting your identity, to help keep your account and\nsensitive information safe. To help keep this commitment, Google is phasing in\nthe requirement that all Google Cloud customers enable\n*multi-factor authentication* (MFA) for their accounts.\n\nMFA, also known as *2-step verification* (2SV), is an important security\nmeasure. In addition to your password, MFA requires another proof of identity,\nknown as an *authentication factor*, to successfully sign in to an account.\nRequiring an additional factor makes it much harder for your account to be\ncompromised by hackers. Even if your password is stolen, hackers still need an\nadditional factor to be able to access your account.\n\nIf you're using a Google Account and have already [enabled MFA](#enable-google),\nyou don't need to take further action. You can check whether MFA is enabled for\nyour account by opening the **Security** tab of your\n[Google Account settings page](https://myaccount.google.com/security). The\n**2-Step Verification** setting is displayed in the\n**How you sign in to Google** section.\n| **Note:** Accounts with passkeys still must enable MFA and add an authentication factor. If someone gets access to your password, and tries to sign in from an [untrusted device](https://support.google.com/accounts/answer/2544838) that doesn't have a passkey configured, Google requests this second factor, preventing unauthorized access.\n\nIf you're using a third-party identity provider (IdP) to manage single sign-on\n(SSO) in to Google Cloud, you can use the MFA provided by that IdP to\ncomply with Google Cloud's MFA requirement.\n\nIf you have questions that aren't answered in this document, contact\n[Cloud Customer Care](https://cloud.google.com/support-hub).\n\nTimelines for MFA enforcement\n\nThe timeline for MFA enforcement for Google Cloud depends on your account\ntype, as shown in the following table.\n\n| Account type | Description | Enforcement start date |\n|----------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------|\n| Personal Google Accounts | User accounts you created for your own use, including Gmail accounts, that are used as [principals](/iam/docs/principals-overview) in Google Cloud. | On or after May 12, 2025 |\n| Enterprise Cloud Identity accounts (not using SSO) | User accounts with usernames and passwords created and managed by your Google Workspace administrator in Cloud Identity. | During or after Q4 2025 |\n| Enterprise accounts using federated authentication | User accounts created and managed by your Google Workspace administrator that use Google Workspace SSO, [Cloud Identity](/identity/docs/overview) SSO, or [Workforce Identity Federation](/iam/docs/workforce-identity-federation). | During or after Q1 2026 |\n| Reseller accounts | User accounts created and managed in a Google Cloud reseller domain. End users of the reseller are not affected. | On or after April 28, 2025 |\n\nIf you don't have MFA enabled, the Google Cloud console displays reminders to\nenable MFA at least 90 days before, and leading up to MFA enforcement. In\naddition, an email is sent with an MFA requirement reminder at least 90 days\nbefore MFA enforcement.\n\nFor resellers and their users, the Google Cloud console displays reminders to\nenable MFA at least 60 days before, and leading up to MFA enforcement.\nSimilarly, an email reminder is sent at least 60 days before MFA enforcement.\n\nWhen the requirement is enforced for your account, you must have MFA enabled to\nsign in to the Google Cloud console or the Firebase console.\n\nScope of MFA enforcement\n\nWhen the Google Cloud MFA requirement is enforced for your account, if you\ndon't have MFA enabled, you won't be able to use the following Google Cloud\ninterfaces:\n\n- The [Google Cloud console](/cloud-console)\n\n- The [Firebase console](https://console.firebase.google.com/)\n\nGoogle Cloud MFA enforcement doesn't affect service accounts. Only user\naccounts are affected. However, if you use your Google Account to impersonate a\nservice account, and MFA is enforced for your account, you must have MFA enabled\nto sign in to the Google Cloud console.\n\nAccess to the following interfaces and services is **not** affected by the\nGoogle Cloud MFA enforcement:\n\n- Google Workspace, including Gmail, Google Drive, Google Sheets,\n and Google Slides. However, Google Workspace has a separate MFA\n requirement. Contact\n [your Google Workspace administrator](https://support.google.com/a/answer/6208960)\n for more information.\n\n- YouTube.\n\nYour applications and workloads running on Google Cloud, including\napplications secured by Identity-Aware Proxy (IAP), aren't affected by MFA\nenforcement. However, your developers won't be able to use the\nGoogle Cloud console to manage those applications. In other words, your\ncontrol plane is affected by MFA enforcement, but not your data plane.\n\nOpt out of MFA enforcement\n\nGmail accounts used for Google Cloud can't be opted out of the MFA\nrequirement.\n\nExemptions for enterprise accounts and reseller accounts are available for\nspecific use cases where implementing MFA is not feasible. For more information,\ncontact [Cloud Customer Care](https://cloud.google.com/support-hub).\n\nEnable MFA for Google Accounts\n\n\nYou can enable MFA, also known as _2-step verification_ (2SV), on the **Security** tab of your\n[Google Account settings page](https://myaccount.google.com/security). For\nstep-by-step instructions, see\n[Turn on 2-Step Verification](https://support.google.com/accounts/answer/185839?sjid=8549799716107395240-NC).\n\n\nIf you don't see the **2-Step Verification** option for your account, your administrator might\nhave disabled it. Contact [your administrator](https://support.google.com/a/answer/6208960) for assistance.\n\n\u003cbr /\u003e\n\nAdditional factors for Google Accounts\n\nPersonal Google Accounts and enterprise accounts that use Google as their\nidentity provider (IdP) can use any of the following additional factors with\nGoogle Cloud:\n\n- **Authenticator apps** : you can set up an authenticator application, such as\n [Google Authenticator](https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2),\n or [Authy](https://www.authy.com/), on your mobile or desktop device to act as\n your second factor.\n\n- **Backup codes** : you can create backup codes and use them as your second\n factor. Backup codes must be stored securely, and can be used only once, so\n this method should be used only when you have no other method available. For\n more information, see\n [Sign in with backup codes](https://support.google.com/accounts/answer/1187538).\n\n- **Google Prompts** : if you are signed into your Google Account on another\n device, you can receive a prompt on that device asking you whether it is you\n signing in. You can confirm that it's you in a browser, on a tablet, or your\n phone. For more information, see\n [Sign in with Google prompts](https://support.google.com/accounts/answer/7026266).\n\n- **Physical security key** : you can touch a physical security key to provide\n your second factor. For more information, see\n [Use a security key for 2-Step Verification](https://support.google.com/accounts/answer/6103523).\n\n- **SMS codes**: you can use a code sent to your phone number as a second\n factor. Before you can use SMS as a second factor, your phone number must be\n associated with your Google Account.\n\nEnable MFA for third-party identity providers\n\nRefer to your third-party IdP's documentation to learn how to enable MFA.\n\nRecover account access if a factor is lost or stolen\n\nSee [Fix common issues with 2-Step verification](https://support.google.com/accounts/answer/185834)\nfor steps to recover your account."]]