IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Google will auto-enrol 150 million users in 2FA by end of 2021

An additional two million YouTube creators will also be required to switch it on the 2SV feature by the end of the year

Google has announced plans to automatically enrol an additional 150 million users in two-factor authentication (2FA) by the end of 2021.

Known as two-step verification (2SV), the security feature combines the use of a password with a mobile device or a security key in order to diminish the chances of unauthorised access to accounts and networks. For instance, users signing in to their Gmail account, particularly when using a new computer for the first time, are asked to tap a prompt on their smartphone to authorise the login.

In a blog post published on Tuesday, the tech giant stated that enabling security protections by default is “the best way to keep [their] users safe”, which is why it's moving to ensure that more accounts have the 2SV feature switched on:

“By the end of 2021, we plan to auto-enrol an additional 150 million Google users in 2SV,” it announced, adding that an additional two million YouTube creators will be required to turn the feature on by the end of the year.

The tech giant acknowledged that not everyone has access to a smartphone or a security key, noting that it is “working on technologies that provide a convenient, secure authentication experience and reduce the reliance on passwords in the long-term”.

“We know security keys provide the highest degree of sign-in security possible, that’s why we've partnered with organisations to provide free security keys to over 10,000 high-risk users this year,” it stated.

Google said that users will be able to benefit from built-in security key capabilities in Android phones as well as its Google Smart Lock app for iOS, adding that its 2SV technology is automatically supported by “two billion devices around the world”.

In a Twitter post, Google product manager Sriram Karra said that today’s announcement “is just the beginning”. 

“The 150m 2SV user count is staggering already if you look at it in the broader industry context. For e.g. Twitter recently announced ~2.5% of its ~350m active users have 2SV - that's ~9m user accounts,” he stated.

Related Resource

How to secure workloads in hybrid clouds

Cloud workload protection

Whitepaper front coverFree download

Companies across the tech industry have been working to strengthen account security and minimise users' reliance on passwords. In June, Twitter announced that its users would be able to use a security key as their only 2FA method, while in September, Corporate VP of Microsoft Security, Compliance and Identity, Vasu Jakkal, stated that customers “can now completely remove the password from [the] Microsoft account”.

However, 2FA has also been the target of cyber criminals. Earlier this week, Coinbase sent out letters to 6,000 customers informing them that hackers managed to exploit “a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor (2FA) authentication token”.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022