Google to make 2-factor authentication compulsory
Users will also receive notifications when risky actions are carried out on Android devices.
Google plans to make 2-factor authentication compulsory for all users, and display notifications when "risky" behaviour is carried out on Android devices.
Eric Sachs, group product manager at Google said the firm is making aggressive changes to its login system, as he detailed in a five year plan.
"The users who have not enabled our strict 2-factor login will be will be asked to pass a 2-factor challenge on nearly all sign-ins," he noted in a draft of the Stronger Consumer Authentication report.
"If they [users] don't have their phone with them they can still go through account recovery (which requires changing their password), and we will experiment with allowing them to pass some other risk-based challenges without needing to change their password."
Sachs noted that Google is experimenting on displaying notifications to users when risky behavior is carried out. Users logging in from an unusual location or transferring/withdrawing substantial sums of money, will be required to pass advanced authentication such as knowledge tests, facial recognition scans, or even a fingerprint test.
"We are beginning to experiment with apps on the phone that display notifications about risky behavior on an account. In some cases, the user might even need to give approval within that app before a risky action can be approved, such as a login to the account from an unusual location."
He also noted that Google will also be producing stronger hardware and promote the ChannelID open standard when it comes to bearer tokens, to help prevent accounts being compromised.
"The biggest issue is that the bad guys evolve as well. They have found ways to make money off hijacked accounts, and so are willing to use more complicated approaches to get those accounts." he added.
"Hopefully within 5 years all of these approaches will also have similar success to the efforts if the past 5 years."
Virtual desktops and apps for dummies
An easy guide to virtual desktop infrastructure, end-user computing, and moreDownload now
The total economic impact of optimising and managing your hybrid multi-cloud
Cost savings and business benefits of accelerating the cloud journeyDownload now
A buyer’s guide for cloud-based phone solutions
Finding the right phone system for your modern businessDownload now
What’s next for the education sector?
A new learning experienceDownload now