UPDATED: May 7, 2021 12:25 IST
In a bid to boost the security and privacy of users, Google will start enrolling users in two-factor authentication by default. The only way to protect your Facebook, WhatsApp and Google account from phishing attacks is by enabling two-factor authentication. Google will start enrolling users for two-step verification automatically if their accounts are appropriately configured.
Google in a blog on Thursday announced that the users will have to take two steps to sign in to their Google accounts. “Today we ask people who have enrolled in two-step verification (2SV) to confirm it’s really them with a simple tap via a Google prompt on their phone whenever they sign in. Soon we’ll start automatically enrolling users in 2SV if their accounts are appropriately configured. (You can check the status of your account in our Security Checkup). Using their mobile device to sign in gives people a safer and more secure authentication experience than passwords alone,” Mark Risher, Director of Product Management, said in a Google blog post.
On the occasion of World Password Day, Google wants more users to signup for the two-step verification process. Google will start sending prompts to its two billion Gmail users to enrol for the process, but it will soon start adding users in two-step verification.
Enabling this would also mean that nobody can log in to your Google accounts without having physical access to your device. The person cannot log in to your account even if he has your username and password. When you sign in to your Gmail account and enrol for the 2SV, you will receive a code on your phone via an SMS, voice call or through the Google app.
Google also mentioned in the biog that it has built security keys directly into Android devices, and launched our Google Smart Lock app for iOS, so now people can use their phones as their second form of authentication.
Google wants to completely eliminate the use of passwords because most people use the same password for all their accounts. However, the newly launched features by Google including Password Import, Password Manager and Security Checkup will minimize the spread of credentials across the web. “One day, we hope stolen passwords will be a thing of the past, because passwords will be a thing of the past, but until then Google will continue to keep you and your passwords safe,” Risher said in the blog.