Google to automatically enable two-factor authentication on certain accounts
Google has announced that it will soon enable two-factor authentication by default on select user accounts. The company said the change is meant to protect users from online security threats, even if those users have a password that’s considered secure.
“Soon we’ll start automatically enrolling users in 2SV if their accounts are appropriately configured,” said Mark Risher, Director of Product Management, Identity and User Security, Google. “(You can check the status of your account in our Security Checkup).”
Google said that two-factor authentication is one of the best ways to protect your account, whether your password has been breached or not. A second form of verification — usually confirmed in an app or by SMS — gives users the opportunity to confirm they’re really the one logging in. If you do use two-factor authentication, might I suggest using an authenticator app, as SMS messages can be intercepted.
You should also consider using a password manager to help create unique, complicated passwords for your many different logins. I currently use 1Password, which offers password management features and authentication features. For accounts that offer two-factor authentication, 1Password (and authenticator apps) will create a six-digit code that is changed every 30 seconds or so.
Of course, you could also use an actual physical security key, which Google sells in its store. The search giant sells security key called Titan. Meanwhile, Google also added an option for Android smartphones to serve as a security key, and rolled the same feature out to iPhones.
Google said that searches for “how strong is my password” increased by 300% in 2020, highlighting how important online security is for users. Unfortunately, the search giant said 66% or Americans admit to using the same password across multiple sites, which is highly discouraged. So, take this as a reminder that if you reuse passwords, audit your passwords to create something unique for all of your accounts — and don’t forget to use two-factor authentication where it’s offered.