Google reportedly plans to automatically enroll users in two-step verification.
Most security experts agree that two-factor authentication (2FA) is a critical part of securing your online accounts. Google agrees, but it’s taking an extra step.
According to a new Vice report, in order to commemorate this year’s World Password Day, Google has announced that it will soon start automatically requiring two-factor authentication for user accounts.
“Soon we’ll start automatically enrolling users in 2SV if their accounts are appropriately configured. (You can check the status of your account in our Security Checkup),” Mark Risher, director of product management in Google’s Identity and User Security group, notes in a new blog post.
“You may not realize it, but passwords are the single biggest threat to your online security – they’re easy to steal, they’re hard to remember, and managing them is tedious,” he says.
Google already uses 2FA to secure accounts, but it’s been optional until now. If you have 2FA enabled on your Google account, for example, you can view the passwords Google knows by entering your passwords, then confirming your login on a separate phone via Google’s Authenticator app.
Two-factor authentication is a security feature that requires you to provide something else than your password to log into your account. A code sent to your phone or given by an ad hoc app like Google Authenticator or Authy, for example, may be that something else.
This is part of Google’s push toward “a future where you won’t need a password at all,” and the announcement happens to coincide with the World Password Day. Even after several massive hacks and password dumps, Google reports that 66 percent of Americans “still admit to using the same password across multiple sites, which makes all those accounts vulnerable if one falls.”
Google encourages customers to run through their fast security checkup to ensure the account settings and safeguards are up to date.