Google will soon make two-factor authentication mandatory
Search giant plans to automatically enroll users in two-step verification
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
In order to commemorate this year’sWorld Password Day,Googlehas announced that it will soon start automatically requiring two-factor authentication (2FA) for user accounts.
According to a new blog post from the search giant, passwords are the single biggest threat to your online security as they are easy to steal, hard to remember and managing them can be tedious. While many users try to come up with long and complicated passwords, this can also put their security at risk as they are more likely toreuse the same passwordacross multiple online accounts. If one account is compromised, all of their accounts are then vulnerable.
This is why many users have begun to rely onpassword generatorsto create strong, complex passwords andpassword managersto store them securely online. Most modernbrowsers, including Google Chrome, have password managers built in but if you’re looking for additional security, you can always sign up for a paid service such asLastPass.
Google’s password manager is entirely free to use and one of the best things about it is the fact that its integrated into the company’s single-clickSecurity Checkupwhich can tell you if any of your passwords have been compromised or involved in a data breach.
Two-step verification
One of the best ways to protect your online accounts is to have a second form of verification in place as this allows them to confirm that it is really you trying to log in.
Google has been doing this for years by asking users to enroll in two-step verification (2SV) to confirm it’s really them by tapping on a prompt on their smartphone whenever they sign in. However, soon the company will begin automatically enrolling users in 2SV if their accounts are properly configured.
At the same time though, Google is also building advanced security technologies into devices to make its multi-factor authentication seamless and even more secure than a password. For instance, the company has buildsecurity keysdirectly into Android devices and brought its Google Smart Lock app to iOS to allow users to use their phones as a secondary form of authentication.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Director of product management, identity and user security at Google, Mark Risher explained in ablog postthat until we move to apasswordless future, the company will continue its work to keep its users' passwords safe, saying:
“One day, we hope stolen passwords will be a thing of the past, because passwords will be a thing of the past, but until then Google will continue to keep you and your passwords safe.”
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
Windows PCs targeted by new malware hitting a vulnerable driver
Dangerous Android banking malware looks to trick victims with fake money transfers
What to do after a data breach?
