Google To Enable Two-Step Verification by Default for 150 Million Users
Earlier this year, Google announced that it will enable two-step verification (2SV) by default to allow for more security for several accounts. Now during Cybersecurity Awareness Month, Google is reminding users of that plan as by the end of 2021, the technology company aims to enable 2SV for 150 million accounts and require two million YouTube creators to turn on the security feature.
In a blog post, Google said that having a second form of authentication can lessen the chances of an attacker accessing another person's account.
"In addition to passwords, we know that having a second form of authentication dramatically decreases an attacker's chance of gaining access to an account. For years, Google has been at the forefront of innovation in two-step verification (2SV), one of the most reliable ways to prevent unauthorized access to accounts and networks," wrote Google.
According to the technology firm, 2SV has been at the centre of its security practices and Google is making it easier to use the feature when people are trying to sign into their accounts. All they have to do is tap their mobile device to verify that it is them who is making the sign-in attempt.
To further protect users, Google built security keys into devices. This is a form of authentication in which you need to tap your key when Google detects a suspicious sign-in attempt. Since security keys offer the "highest degree of sign-in security possible", Google collaborated with organisations to give free security keys to more than 10,000 high-risk users in 2021.
Improving the accessibility of security keys, the company built the capability into Android phones and the Google Smart Lock app on Apple devices. As of writing, more than two billion devices across the globe automatically support security keys.
In the same blog post, Google also mentioned other sign-in enhancements such as One Tap and a new collection of identity APIs called Google Identity Services, which uses secure tokens instead of passwords to sign users into partner websites and apps. These services can protect users from click-jacking, pixel tracking and other web and app-based security threats.
Written by Sophia Lopez