We’ve heard often that two-factor authentication is the way to go, that the extra step will help keep your accounts safer. Google agrees with this so much that it plans to automatically use what it calls 2SV (two-step verification) on all accounts. For all intents and purposes, 2SV is just another way to refer to 2FA (two-factor authentication). The two terms are often interchangeable.
Google’s Plan for Using 2SV Automatically
Google laid out in a blog post the problems with signing in with just a password: “They’re easy to steal, they’re hard to remember, and managing them is tedious.” It adds that a long password isn’t always safer, as they tend to make people use them for more than one account, as they don’t want to remember multiple long passwords.
Noting that “keeping you safe online is our top priority,” Google gave a preview of its new 2SV policy. Currently, Google account holders are asked to enroll in 2SV, but they will be enrolled automatically in the future.
The blog post explains Google’s 2SV process that involves using a mobile device as the second step in the verification process. Users verify their identity by tapping a Google prompt when they sign in. “Using their mobile device to sign in gives people a safer and more secure authentication experience than passwords alone.”
Google is “building advanced security technologies into devices to make this multi-factor authentication seamless and even more secure than a password. For example, we’ve built our security keys directly into Android devices and launched our Google Smart Lock app for iOS, so now people can use their phones as their secondary form of authentication.”
Password Manager and Password Import
Automatically adding 2SV to all accounts will add to the other ways Google already keeps the login process safe. This includes Password Manager and Password Import.
Password Manager is built into Chrome, Android, and even iOS. It makes it easier to create and use unique, complex passwords and not have to remember them. It will automatically fill in your password when you sign in and also utilizes Google Security Checkup to let you know if your passwords have been compromised, if you are reusing a password, and the strength of your password.
Password Import allows users to upload passwords, up to 1,000 at a time, from third-party sites into Password Manager.
Of course, you may be happy with your current password manager and current process of 2SV. Stick with it. Just know Google is providing another option.
Frankly, Google needs a bit of P.R. to ensure the safety of using its services. Perhaps adding these services, whether automatic or not, will help the public see the company a bit differently while keeping accounts safe in the process.
“One day, we hope stolen passwords will be a thing of the past because passwords will be a thing of the past, but until then, Google will continue to keep you and your passwords safe.”
Read on to learn how using 2FA tied to recycled phone numbers can also be a security risk.