With its new initiative, Google on ‘World Password Day’ announced that its users will now automatically be enrolled in a two-step verification by default. This security step comes as a very significant and essential step towards a more secure online experience for its users, and it will undoubtedly help the safeguarding of the accounts and what’s in them.
Cybersecurity experts for a long time have been asking such platforms to enable password managers and two-step authentication, and according to them, ‘1234567’ or ‘password’ is not enough to secure an account. According to Google, people are now using “How strong is my password?” more than ever, and using long multi-character, complicated passwords doesn’t help either because the majority of users around the world still uses one password across multiple platforms, this puts at risk all the accounts if the password is cracked of even one.
On May 6, 2021, Google, in a blog post, wrote that it would soon start enrolling customers in two-factor authentication or “two-step verification (2SV) as Google calls it only after the account is configured accordingly.
2SV will add an extra layer of security since Google doesn’t only provide Gmail, but also various services like Google Drive with more features like ‘Remember password,’ etc., and these sometimes hold sensitive and personal information, which if compromised could lead to a severe problem. Two-step verification will help in securing the financial information of a user using Goggle Pay and also the third-party accounts to which a user might have linked his Google account.
The users will be able to use 2SV which is Two-step verification (2FA), or Multi-factor authentication (MFA) to protect their Google accounts from unauthorized access. With these methods, users will first verify their identity using their password and extra proof of identity verification in the next step, such as a security key or an authenticator code from Google’s authenticator app. The most common 2SV method used is the prompt received on a user’s smartphone to confirm whether the attempted login with their account is legitimate or no; only then will a user be successfully logged in. “Using their mobile device to sign in gives people a safer and more secure authentication experience than passwords alone,” said Google’s senior director of product management, Mark Risher.
Mark Risher also mentioned the Android built-in security keys, iOS password managers, chrome’s built-in password manager, which allows users to import up to 1000 passwords from the third-party platforms, and other examples of efforts to make 2FA a bit complex.
Google has said that the user needs to make sure that their account is correctly configured to get automatically enrolled in the two-step verification. Google has also advised its customers to visit and go through its quick security checkup to ensure that their settings and account protection are in the right place. What this ‘configuration’ means is whether you’ve provided Google with the recovery details, I.e., a secondary email, phone number, authenticator app, etc.
With this significant step, Google wants to make passwords obsolete, and their goal is to get rid of passwords altogether and focus on more security-specific features. Although an account might be enrolled automatically for the two-step verification, a user will still be able to disable and opt-out of the two-step verification. However, doing so will decrease the amount of security that Google is trying and offering for the accounts.
Google has not yet confirmed the date or timeline around which it will start enrolling the user automatically for its two-step verification (2SV) or if there’ll be an official announcement when it begins. Google just announced that it would happen soon, and that doesn’t mean you should wait for them to make your account more secure. Look at this blog as a reminder to tell you the benefits of 2FA and for you to go to your account settings now and enable 2FA to be more careful and safer.
Hi There! I am Elisa Wilson, and professionally, I work as a technical writer at a digital marketing company based in Ohio, and I have twelve years of experience in writing about OTT platforms. While writing an article or a blog, I try to embed knowledge and engagement, and I try to make people learn in a short, concise, and fun way. You can refer to this link: Roku.com/link.