The current situation of things including cyberattacks on internet users and big tech companies has prompted search giant Google to prepare the enrollment of over 150 million users for two-factor authentication.
The company on Tuesday announced it planned the auto-enrolling of over 150 million users into the two-step verification system by the end of the year.
With that, anyone logging on to the affected Google account will be required to utilize their registered password as well as their smartphone to authenticate the account.
Google first tried the auto-enroll of users into the two-factor authentication system as far as May but the plan was later shifted and it’s clear now that Google wants to finally take the action once and for all.
“By the end of 2021, we plan to auto-enroll an additional 150 million Google users in 2SV and require 2 million YouTube creators to turn it on,” Google Chrome Product Manager AbdelKarim Mardini and Account Security Director Guemmy Kim write in a blog post.
The main reason for the automatic enrollment is to help stop its users’ accounts from being hijacked by hackers who often break into online accounts using software that will often successfully guess the password by uncovering the re-used login credentials from past data breaches.
With the two-factor authentication in place, you’ll get prompted and would require to authenticate the login using your smartphone by activating a one-time password or OTP sent to your smartphone by Google.
In Google’s case, the company will issue a prompt to the account holder’s smartphone after the correct password is successfully entered. Taping the word “yes” on the prompt will then complete the login process.
“2SV has been core to Google’s own security practices and today we make it seamless for our users with a Google prompt, which requires a simple tap on your mobile device to prove it’s really you trying to sign in,” Google says on Tuesday’s announcement.
Google will however enforce this on the selected 150 million users that already have recovery information saved to their accounts such as a secondary phone number or email address.
“We also recognize that today’s 2SV options aren’t suitable for everyone, so we are working on technologies that provide a convenient, secure authentication experience and reduce the reliance on passwords in the long-term,” the company adds.
However, it’s possible for a user to opt out of the two-factor authentication by simply deactivating it via your account.
So when next you’re signing in to a new device with your Google account, don’t be surprised if you’re asked to authenticate your account using your smartphone especially if the system suddenly discovers you’re in a new location or using a new IP address.