Passwords are notoriously easy to crack, steal or otherwise compromise. In today’s era of highly advanced hackers, they’re pretty dated as a security measure.
That’s why Google is moving beyond passwords. It’s about to start automatically enrolling Gmail and Google account users into two-factor authentication (2FA).
“You may not realize it, but passwords are the single biggest threat to your online security — they’re easy to steal, they’re hard to remember, and managing them is tedious,” Mark Risher, Google’s product management director for identity and user security, wrote in a blog post on Thursday, which is World Password Day.
“Soon we’ll start automatically enrolling users in 2SV if their accounts are appropriately configured. (You can check the status of your account in our Security Checkup),” he wrote.
So what does Google mean when it refers to your Google account being “appropriately configured” for 2FA? A Google product manager told PCWorld it means users already have recovery information on their accounts, like a phone number or a secondary email.
Cost of a data breach report 2020
Find out what factors help mitigate breach costs
Two-factor authentication is one of the simplest but most effective security steps that businesses and individuals can take. Also known as multi-factor authentication (MFA) or two-step verification, 2FA is a fairly straightforward process of confirming your identity twice before gaining access to an account or service.
Google already prompts users who are opening new Gmail accounts to enroll in two-factor authentication. The difference is, Google will now automatically enroll users into it.
Although some reports claim Google is making 2FA mandatory, a Google spokesperson told Mashable that users would be able to opt out if they want to.
So far, Google isn’t mentioning a specific timeline for this change, other than Risher writing that it’ll happen “soon.”
Implementing 2FA can go some way toward adding an extra barrier of entry for yourself and any third party attempting to access your account. While security questions seeking personal details, like the name of your first family pet or mother’s maiden name, may help shield user accounts, savvy hackers can easily figure these out, often by rummaging through social media accounts.
Adding the second authentication factor, whether by delivering a code by text message or email or using an authenticator app, adds a more robust protective layer. While it may seem arduous to jump through this hoop time and time again, the benefits of having these hoops in place are untold.
How to be an MSP: Seven steps to success
Building your business from the ground up
The smart buyer’s guide to flash
Find out whether flash storage is right for your business
How MSPs build outperforming sales teams
The definitive guide to sales
The business guide to ransomware
Everything you need to know to keep your company afloat
See the original article here: ITPro