Google is coming through with its promise to turn on two-step verification (2SV) by default, using Cybersecurity Awareness Month as an opportunity to remind you ‘Password1’ – or any of these for that matter – will no longer cut it.
Google announced it finally had enough of trash passwords back in May. It said so long as you provide a secondary email or phone number, it will start automatically enabling 2SV on your Google Accounts. 2SV is like two-factor authentication, or 2FA, Google just wants to use a different name.
In a blog post, Google said it will be automatically enrolling 150 million users in 2SV by the end of the year. 2 million YouTube creators will also be required to turn it on.
“In addition to passwords, we know that having a second form of authentication dramatically decreases an attacker’s chance of gaining access to an account,” Google says, adding “2SV is strongest when it combines both ‘something you know’ (like a password) and ‘something you have’ (like your phone or a security key).”
To start using 2SV, you’ll need to respond to a Google prompt, which requires a simple tap on your mobile device to prove it’s really you trying to sign in. It’s already started auto-enrolling accounts that have the proper backup mechanisms in place to make a seamless transition to 2SV, ahead of its big push later this year.
Google has provided a quick Security Checkup to make sure your account has the right settings in place for 2SV.
Don’t be too alarmed if you hate it, Google says it’s working on technologies that “provide a convenient, secure authentication experience and reduce the reliance on passwords in the long-term”. But also, it’s more secure, so just accept it.
In the spirit of Cybersecurity Awareness Month, Google has also provided its top five safety tips for you to perform a little bit of security hygiene.