Connect with us

    Hi, what are you looking for?

    Reviews

    Google Simplifies the Setup Process for 2-Factor Authentication

    Google has streamlined the process of activating 2-Factor Authentication (2FA) for user accounts by now giving users the ability to activate it without the requirement of a phone number.

    Previously, users had to provide their phone number before being able to activate 2FA. However, users now have the choice to skip adding a phone number when opting for the authentication method in their account settings.

    This update benefits both organization administrators looking to implement 2FA policies and individual users. Relying solely on a phone number for authentication is not completely secure due to the vulnerabilities associated with SMS-based one-time passcodes (OTPs), which can be susceptible to hacking or if the device is lost or stolen.

    Google Eliminates Phone Number Requirement Prior to 2-Factor Authentication Configuration

    Google provides three alternatives for setting up 2-factor authentication. Users can opt to use an authenticator app such as Google Authenticator or Microsoft Authenticator. Additionally, they can explore open-source choices like Aegis Authenticator for Android, 2FAS for Android and iOS, and Ente Auth for Android and iOS.

    Alternatively, users can select a hardware security key like YubiKey for added security. Google mentions that even if the key supports FIDO2, it will be registered as a FIDO1 credential. Similarly, users can produce a passkey for their Google account, registering it as a FIDO2 credential, necessitating the entry of the key’s PIN for local verification.

    Recently, Microsoft has added support for Passkeys for all user accounts, and WhatsApp Messenger and Bitwarden Password Manager have also integrated Passkeys for enhanced security. The use of passkeys is gaining popularity, with Google reporting over 1 billion authentications via passkeys across 400 million accounts in a year. Users can refer to a tutorial to create a passkey for their Google account using functionalities like fingerprint reader, Face ID, or the device’s screen lock code.

    Google ensures that if a user deactivates 2FA after enabling it, other enrolled secondary methods such as backup codes, Google Authenticator, or a second-factor phone will not be automatically removed from their account. This feature is designed to avoid users getting locked out of their accounts, especially during a device transition.

    Advertisement. Scroll to continue reading.

    The enhanced 2-Factor Authentication procedure is not restricted to Google Workspace clients but is accessible to all users, including personal accounts. The migration to this new procedure is projected to finish within the next two days, empowering users to activate 2FA from their Account’s security page for elevated account security in case of a compromised password.

    Image Source: Rawpixel.com / Shutterstock

    You May Also Like

    Reviews

    Microsoft has resolved 74 security issues in its software during the company’s August 2023 Patch Tuesday release. The previous month’s update tackled 132 vulnerabilities,...

    Hacks

    An economical high-voltage power supply project has been developed by Sebastian from Baltic Labs. The primary element of this endeavor is a commercial power...

    Hacks

    The issue of compatibility centers around the POPCNT CPU function. TheBobPony’s posts on Twitter uncovered that this function is found in several Windows 11...

    Hacks

    The choice to utilize USB storage was influenced by the nonexistence of Bluetooth and the substandard audio input port in the dated entertainment system....