Two-Factor Authentication Push For Google Users

Roughly five months after taking two-factor authentication to Google Apps users, the company is adding a setup wizard and other features to bring the same security approach to Google Accounts.

“Most of us are used to entrusting our information to a password, but we know that some of you are looking for something stronger,” blogged Nishit Shah, product manager for Google Security.

“As we announced to our Google Apps customers a few months ago, we’ve developed an advanced opt-in security feature called two-step verification that makes your Google Account significantly more secure by helping to verify that you’re the real owner of your account,” he wrote. “Now it’s time to offer the same advanced protection to all of our users.”

Pass Code Sent To Phone By SMS

The two-step authentication process will involve the user’s password plus a code sent to a phone number the user provides. Once it is set up, when users enter their password they will also be prompted to enter a code provided by Google.

“Over the next few days, you’ll see a new link on your Account Settings page… A user-friendly set-up wizard will guide you through the process, including setting up a backup phone and creating backup codes in case you lose access to your primary phone,” Shah explained. “Once you enable two-step verification, you’ll see an extra page that prompts you for a code when you sign in to your account.

“After entering your password, Google will call you with the code, send you an SMS message or give you the choice to generate the code for yourself using a mobile application on your Android, BlackBerry or iPhone device,” Shah wrote. “The choice is up to you.

“A hacker would need access to both of these factors to gain access to your account,” Shah wrote. “If you like, you can always choose a ‘Remember verification for this computer for 30 days’ option, and you won’t need to re-enter a code for another 30 days. You can also set up one-time application-specific passwords to sign in to your account from non-browser based applications that are designed to only ask for a password, and cannot prompt for the code.”

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Share
Published by
Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago