Jump to content
  • Google wants every account to use 2FA, starts auto-enrolling users


    Karlston

    • 770 views
    • 3 minutes
     Share


    • 770 views
    • 3 minutes

    Two-factor authentication is coming to Google accounts whether you want it or not.

    Google announced earlier this year that it is planning to forcefully transition as many of its users as possible to two-factor authentication (2FA). The company elaborated further in October, saying it was planning to auto-enroll 150 million Google accounts in 2FA by the end of the year. Now, with just two months left in the year, Android Police has found a few reports showing that the process has started, with some users finally being auto-enrolled in 2FA.

     

    Two-factor authentication—which Google calls "two-step verification" or "2SV" for some reason—requires you to use something in addition to your password to log in to an account. Usually, this "something" is a code or confirmation prompt from a smartphone. You can also use a physical security key, like a USB stick. A username and password won't be good enough anymore.

     

    Google's support page details the auto-enrollment process. The company says accounts that have been flagged for 2FA will get an email or notification about seven days before the requirement is enforced. Organizations with paid Google Workspace accounts won't be forced into 2FA; that's something for admins to decide. YouTube made 2FA a requirement for all "partner"-level creators (YouTubers with revenue sharing) on November 1. The bottom of the support page says that for now, Google will let people auto-enrolled in 2FA shut it off, but that "soon, 2-Step Verification will be required for most Google Accounts."

     

    6.jpg

    Google's 2FA email.

    Google has way more than 150 million user accounts, but it says it is only "auto-enrolling Google accounts that have the proper backup mechanisms in place to make a seamless transition to 2SV." Those backup requirements include a recovery phone number that can receive SMS codes or a recovery email.

     

    For Google accounts, a valid 2FA method is built into every Android phone via the "Google Prompt" feature in Google Play Services, which pops up an easy "yes" or "no" prompt when you log in to a new device, saving you the hassle of typing in a code. On iOS, Google Prompt requests for your account can be received by the Google Search app, the Gmail app, or the dedicated Google Smart Lock app. A security key is also an option.

    Update: Authentication options

    Oddly, Google Authenticator is no longer a sign-up option for 2FA accounts. Google apparently wants everyone to use a Google Prompt, SMS, or a physical key to start. Afterward, you can go back into the 2FA settings and pick Google Authenticator. It's a weird process.

     

     

    Google wants every account to use 2FA, starts auto-enrolling users


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...