Google will soon require two-factor authentication (2FA) for all Google accounts.
Starting May 10, Google will require users enrolled in two-step verification (2SV) (the abbreviation Google uses) to simply tap the Google prompt on their phone to verify that it is indeed them.
"Soon, we will automatically enroll users in 2SV if their accounts are properly set up," added Mark Risher, Google's director of identity and user security product management.
Many security experts agree that 2FA is an important part of online security, adding a necessary layer of protection to weak passwords. Google's mandate for 2FA is a clear signal that high-tech companies see a future with fewer passwords.
Despite the good intentions of users, the sheer number of online accounts we have means that our strongest passwords are vulnerable because they are often reused between different logins. Google sees this as a major problem and hopes to solve it by making 2FA mandatory.
Of course, Google is already using 2FA to enhance the security of users' accounts. 2FA relies on Google's Authenticator app or Google's push notifications to log in on another device tied to the user, such as a cell phone. By verifying, the user gains an additional layer of security.
So what does "properly configured" actually mean in relation to a Google account? It refers to a number of settings that can be found on Google's Security Checkup page.
In short, the term applies to accounts with additional recovery information, such as a phone number, secondary email, and an iPhone or Android phone configured to receive Google push notifications. Security Checkup will check whether an account has 2 FA is enabled, and is an easy way for users to verify that 2FA is enabled on their accounts.
However, the additional layer of security should not come at the expense of usability. Making multi-factor authentication even more secure than passwords should not sacrifice a seamless user experience, Google says.
Password compromise is now so commonplace that Google's move to make 2FA mandatory comes too late.
Regardless, strong passwords are still important alongside 2FA, and Google's Password Manager, built into Android, Chrome, and now iOS, helps you sync passwords across your favorite apps and sites to create stronger passwords. This helps to sync passwords between favorite apps and sites and create stronger passwords.
This reduces the time needed to think of complex alphanumeric passwords and remember them. Google will even automatically fill in the site's login form to save you time.
And if you are concerned about migrating existing passwords, Google's password import feature simplifies the process of transferring passwords from various third-party sites to Google's password manager.
With the proliferation of password-stealing malware, the move to 2FA is definitely a necessary step in the right direction, and Google's enforcement of 2FA as a required part of its service should steer the mainstream in the direction of improving personal security hygiene.
More People get a lot of phishing emails.
Comments