Google wants all its users use the 2FA or two-factor authentication so as to minimize the risk of attackers taking control of their accounts using compromised credentials or guessing their passwords.
Mark Risher, the Director of Product Management, Identity and User Security of Google, said today, “Soon we’ll start automatically enrolling users in 2SV if their accounts are appropriately configured”
This increases the security of the users’ Google account as removing the “single biggest threat” that makes easy to hack the passwords that are hard to remember and steal through phishing and data breaches.
The company asks the first of the process in 2FA will ask the users enrolled users to confirm their identity by tapping on the Google Prompt on their SmartPhones whenever they sign in.
If you’ve not yet encored the two-factor authentication for your Google Account, go to the Google’s 2-step verification page and click on “Get Started” option. This will provide an extra layer of security and blocks attackers from gaining access to the data.
Risher said, “Using their mobile device to sign in gives people a safer and more secure authentication experience than passwords alone.”
As the Google already announced, users can use iPhone running iOS or later as security keys to verify the sign-ins on Chrome Os, iOS, macOS and Windows 10, without pairing.
Also, using the security key built-in Android phones running Android 7.0+ is made available by them. As well as, the iOS users are allowed to verify sign-ins into Google and Google Cloud services using Android phones set up as security keys.
Once you enable the 2FA to your account, it will block any unauthorized access by creating an extra defense layer. This layer prevents any malicious actors’ attempt to log-in to your account. So, the attackers will not be able to take the control on it and manage to steal the credentials till they access to the system.
When you toggle on the 2FA, you will be asked to enter your password, as usual, whenever you sign in to your Google Account. However, you require confirming your identity through a code via messages, voice call or mobile app.
If you have a security key, you can insert it to the system’s USB port as a confirmation that you are just trying to logging in.
Alex Weinert, Director of Identity Security at Microsoft said two years ago, “your password doesn’t matter, but MFA does! Based on our studies, your account is more than 99.9% less likely to be compromised if you use MFA.”
“use of anything beyond the password significantly increases the costs for attackers, which is why the rate of compromise of accounts using any type of MFA is less than 0.1% of the general population.”
Risher concluded, “One day, we hope stolen passwords will be a thing of the past, because passwords will be a thing of the past, but until then Google will continue to keep you and your passwords safe”