Two-Factor Authentication: Some Google services such as YouTube, Chrome and Drive can only be used with a Google account. But a password alone is soon no longer enough. Because Google wants to introduce two-factor authentication this year – for 150 million users. We explain the background.
Google Enables Two-Factor Authentication For 150 Million Accounts
Google users who are not already using them will soon be obliged to do so. We are talking about two-factor authentication (2FA) because Google wants to automatically activate millions of accounts from December 14th and thus this year.
So that the changeover is not too abrupt, the 2FA does not apply directly to all users: inside at the same time. However, Google wants to inform all affected users in advance by email. In total, there should be around 150 million accounts for which the authentication method is already stored in the account.
If you do not receive a notification, two-factor authentication will not be activated for the time being. In principle, however, the setting is not an obligation. Because users can switch off the 2FA again after activation still, it’s a big step for Google.
How Does Two-Factor Authentication Work?
Two-factor authentication is a pure security measure. It protects against unauthorized access to user accounts. Two independent elements (factors) are required for registration.
If hackers have hacked the password, they will still not be able to log into accounts with a 2FA. In addition to the password, you should also have access to the second factor. However, this is usually not the case with digital codes.
Google uses the “actual” password as the first element for its 2FA. As a second factor, users can choose, among other things, SMS codes, push notifications or security keys. However, several methods can be added simultaneously if one should not be available.
Google Announced Changes In May And October
Setting up the 2FA is relatively straightforward on the Google website. But if you haven’t set it up yet, you can wait and see. Because for those who have received a notification, the step is automatic.
According to information from Spiegel’s news magazine, the 150 million results from the number of users who have given the required information in their Google account. This includes, for example, the telephone number or an Android device that can be used to confirm registration.
Google announced the change in May and again in October of this year. The company justifies the decision with additional security measures for its users.
Two-Factor Authentication At A Glance: Advantages And Disadvantages
And Google is right about that. Because the Federal Office for Information Security recommends using a 2FA in its “IT Baseline Protection Compendium”. It helps, especially with weak and insecure passwords.
One disadvantage, however, is that the registration process can take longer. To register, the smartphone or the chosen registration method for the second factor must always be at hand.
Either way, Google leaves its users the choice inside and after the changeover. Because users can deactivate the 2FA in the Google settings, in terms of their accounts’ security, probably not many users will do that.