Get serious about Google two-factor authentication. Good!

“Turn on the multiplier Authentication “is strict advice, and contains wired It repeats For years. Doing so ensures that your password is not the only line of defense against unauthorized access to your accounts. The problem? Ons was always on You To figure out how to do it. Now, Google is taking the first step towards enabling dual-multiplier by default for all its users – and where Google goes into web security, the rest of the industry often follows.

The company a Blog post This week it will start asking users who have already enabled two-step verification to authenticate by tapping the prompt on their smartphone whenever they sign in to their Google or Gmail account. (Gmail has about 1.6 billion users; people can also create Google Accounts using email addresses from other services Google) After Google evaluates data about how easy it is for existing two-factor users to interact with this mobile prompt, the company automatically selects Users will start with two-step verification.

“We’re starting with the users for whom it will be the least disruptive change and plan to expand from there based on the results,” Mark Richer, Google’s product management director for identity and user protection, told Wired. “It’s true that multifactor authentication is historically tedious and challenging to set up historically, but for many users it is no longer.”

Multifactor authentication simply adds one or more additional checks to the login process outside of a username and password. Your second factor may be randomly generated code from an authentication application, such as the presence of a physical authentication key UBK, Or even digital tokens built into your smartphone. And adding at least one of these extra layers makes it harder for phishers, scammers or other malicious hackers to access your digital accounts.

While multifactor authentication may seem like a beneficial security feature, companies are reluctant to order its use for everyone. The double-digit requirement can cause customers to try and lose their services, ultimately harming their business. Users may not have the tools or knowledge to navigate multifactor authentication, so exclude them from services they would otherwise want to use.

“Ultimately, we want to get the best security protection on all of our users’ devices and accounts – by default -” says Risher. Which provides a secure, fair authentication experience and eliminates reliance on passwords. “

Google users will be able to choose two-factor authentication if they change their mind. The goal, however, is to push the user and the larger technology industry towards a two-factor as a baseline standard.

Google is at the forefront of other major web security transfers, starting with promotion Autopet and sandboxing Pressing with chrome Ubiquitous HTTPS Web traffic encryption. Although it is not the only heavy hitter that it started the habit of multifactor authentication of its users. Apple has not made bi-factor fully mandatory for its Apple IDs, but in recent years the company has aggressively promoted this feature and made it even more difficult to opt out.

“Google looks great to take this industry forward by nudging users to enable multifactor authentication with our smartphones,” said Ken White, founder of the Open Crypto Audit Project. “If we can make it easier to go beyond simple certification, it’s account security and a win-win for everyone. And we’re slowly seeing large corporations like banks and healthcare take on urgently needed protections as mandatory two-factor ones. “

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *