Google’s about to push everyone into two-factor authentication

“Passwords are the single biggest threat to your online security,” the company says

Image of two-factor authentication in action

Google will soon make a switch over to a compulsory two-factor authentication system, making it harder for crafty hackers to break into your Gmail or other Google Accounts.

Passwords are notoriously easy to crack, steal or otherwise compromise. In today’s era of highly advanced hackers, they’re pretty dated as a security measure.

That’s why Google is moving beyond passwords. It’s about to start automatically enrolling Gmail and Google account users into two-factor authentication (2FA).

“You may not realize it, but passwords are the single biggest threat to your online security -- they’re easy to steal, they’re hard to remember, and managing them is tedious,” Mark Risher, Google’s product management director for identity and user security, wrote in a blog post on Thursday, which is World Password Day.

“Soon we’ll start automatically enrolling users in 2SV if their accounts are appropriately configured. (You can check the status of your account in our Security Checkup),” he wrote.

So what does Google mean when it refers to your Google account being “appropriately configured” for 2FA? A Google product manager told PCWorld it means users already have recovery information on their accounts, like a phone number or a secondary email.

Related Resource

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

cost of a data breach report 2020 - whitepaper from IBMDownload now

Two-factor authentication is one of the simplest but most effective security steps that businesses and individuals can take. Also known as multi-factor authentication (MFA) or two-step verification, 2FA is a fairly straightforward process of confirming your identity twice before gaining access to an account or service.

Google already prompts users who are opening new Gmail accounts to enroll in two-factor authentication. The difference is, Google will now automatically enroll users into it.

Although some reports claim Google is making 2FA mandatory, a Google spokesperson told Mashable that users would be able to opt out if they want to.

So far, Google isn’t mentioning a specific timeline for this change, other than Risher writing that it’ll happen “soon.”

Implementing 2FA can go some way toward adding an extra barrier of entry for yourself and any third party attempting to access your account. While security questions seeking personal details, like the name of your first family pet or mother’s maiden name, may help shield user accounts, savvy hackers can easily figure these out, often by rummaging through social media accounts.

Adding the second authentication factor, whether by delivering a code by text message or email or using an authenticator app, adds a more robust protective layer. While it may seem arduous to jump through this hoop time and time again, the benefits of having these hoops in place are untold.

Featured Resources

How to choose an AI vendor

Five key things to look for in an AI vendor

Download now

The UK 2020 Databerg report

Cloud adoption trends in the UK and recommendations for cloud migration

Download now

2021 state of email security report: Ransomware on the rise

Securing the enterprise in the COVID world

Download now

The impact of AWS in the UK

How AWS is powering Britain's fastest-growing companies

Download now

Recommended

Putin open to handing cyber criminals over to US
hacking

Putin open to handing cyber criminals over to US

14 Jun 2021
Futurex‌ ‌and Google enable‌ ‌client-side‌ ‌Google‌ ‌Workspace encryption‌
Google Docs

Futurex‌ ‌and Google enable‌ ‌client-side‌ ‌Google‌ ‌Workspace encryption‌

14 Jun 2021
The complete guide to building a security awareness programme that works
Whitepaper

The complete guide to building a security awareness programme that works

14 Jun 2021
2021 state of the phish
Whitepaper

2021 state of the phish

14 Jun 2021

Most Popular

Ten-year-old iOS 4 recreated as an iPhone app
iOS

Ten-year-old iOS 4 recreated as an iPhone app

10 Jun 2021
Fastly blames software bug for major outage
public cloud

Fastly blames software bug for major outage

9 Jun 2021
GitHub to prohibit code that’s used in active attacks
cyber security

GitHub to prohibit code that’s used in active attacks

7 Jun 2021