As the world celebrates Cybersecurity Awareness Month, Google announced new security precautions to make users’ sign-in process more secure. The search engine unveiled its plan to auto-enroll 150 million Google users in a two-step verification (2SV) process and it requires two million YouTube creators to turn it on by the end of 2021.
Google claims that it verifies the security of one billion passwords to protect user accounts from unauthorized intrusions. In addition to having strong passwords, Google encourages users to have a second form of authentication to reduce the chance of an attacker gaining access to an account. Two-step verification, also known as two-factor authentication (2FA), is a reliable way to prevent unauthorized access to accounts and networks. The 2SV process combines both “something you know” (like a password) and “something you have” (like your phone or a security key) for better authentication security.
“2SV has been core to Google’s own security practices and today we make it seamless for our users with a Google prompt, which requires a simple tap on your mobile device to prove it’s really you trying to sign in. And because we know the best way to keep our users safe is to turn on our security protections by default, we have started to automatically configure our users’ accounts into a more secure state,” Google said.
Rolling Out 2SV
Currently, Google is auto-enrolling accounts with proper backup mechanisms to make a seamless transition to 2SV. Users can check whether their account has the right settings to use 2SV at Security Checkup. Google is also advancing the current 2SV options to make them suitable for everyone. The company is working on technologies that provide a convenient, secure authentication experience and reduce the reliance on passwords in the future.
Google’s Sign-In Advancements
Google introduced multiple forms of authentication to provide the highest level of sign-in security to users. The company launched Security Keys — an authentication procedure that requires the user to tap a key during suspicious sign-in attempts.
The company also launched One Tap and Google Identity Services, which uses secure tokens, rather than passwords, to sign users into partner websites and applications.
“These new services represent the future of authentication and protect against vulnerabilities like click-jacking, pixel tracking, and other web and app-based threats. Ultimately, we want all of our users to have an easy, seamless sign-in experience that includes the best security protections across all of their devices and accounts,” Google added.