Your account would need to be appropriately designed for it, but Google is about to take a big move toward making user accounts more secure: it will automatically enroll users in two-factor authentication. In a blog post today, the company stated that if customers' accounts are "fully installed," it would soon begin enrolling them in two-factor authentication (or "two-step verification," as Google calls it).

Google will shortly make two-factor authentication the default setting

Once activated, they'll get a notification on their phone asking them to confirm that a login attempt with their Google account is valid. Google's senior director of product management, Mark Risher, said, "Using their mobile device to sign in offers users a better and more reliable authentication experience than passwords alone." (Unlike SMS texts, which can be intercepted, on-phone warnings are more secure.)

If basic two-factor authentication isn't enough, you can still use a physical security key, such as those from YubiKey or Google's own Titan, to protect your account. Google added the ability for Android smartphones to function as a security key in 2019, and this feature has since been expanded to iPhones.

This is part of Google's drive toward "a future where you won't need a password at all," and the announcement coincides with World Password Day. Even after several massive breaches and password leaks, Google reports that 66% of Americans "actually confess to using the same password across different pages, making all those accounts insecure if one fails."

Customers are encouraged to run through Google's fast security checkup to ensure their account configurations and defenses are up to date.


Post a Comment

Previous Post Next Post