Google's 2-Step Authentication Update Simplifies Sign-On


Register for this webinar and get a better understanding of the impact of malvertising and ransomw

To encourage more users to practice some form of two-factor authentication when they log in to Google accounts, the tech titan has made the process easier with its latest update.

Google has updated its two-factor verification process in a move to simplify the steps users need to take to log in to their Google accounts.

Google, which according to The Verge has supported two-factor authentication for more than five years, has added a feature that allows users to tap one of two prompt son their smartphones that say: "Yes, allow sign-in," or "No, deny sign-in" to approve or deny login requests.

The feature is a simpler option than existing methods of (1) having Google text a code, or (2) requiring users go to a Google random code generator app and enter its characters into an account site. Google will continue to offer those two-step authentication methods alongside its latest security feature update.

Users with an Android phone will need to have the latest version of Google Play Services loaded on their device to use the Google two-factor authentication prompt. Apple iOS users will need to install the Google search app on their iPhones to use the new security feature.

But whether this simplification will succeed in enticing more users to beef up security by using two-factor authentication has yet to be seen. However, it may be a good start.

"In my view, this change will allow more users to enroll and take advantage of the two-factor authentication. Many users will refuse to open an app and enter a code [because of] too much friction, but hitting a key similar to a phone notification that everyone is used to might just remove enough friction to start a mass enrollment for many folks with smart phones.

"If Google ever moves toward making this the default behavior once they detect [...] the type of phone, [...] I believe it could drastically reduce account takeover and increase [the] security of Google offerings," Scott Carlson, technical fellow at security firm BeyondTrust, told InformationWeek.

[See 10 Stupid Moves That Threaten Your Company's Security.]

He noted that this form of two-factor authentication is technically similar to the push notifications and texts that banks have successfully used for years, and that a few single-sign-on providers are starting to allow their customers to use it.

"It appears that most consumers and employees trust their smart device now, and if Google starts to see, and publishes positive adoption numbers, I believe we will see many internet-based service companies moving toward this model where they prompt a user before logging in," said Carlson.

Still, some may note that enterprises should not necessarily view two-factor authentication as a security silver bullet, and point to the need for companies to consider how their systems are designed and built.

0 Comment

Leave a Reply

Captcha image


  • 5300c769af79e

    Robots, AI Won't Destroy Jobs, Yet

    In this eye-opening webinar, security experts will give you deeper insight into this emerging thre Cognitive systems will only eliminate a small portion of jobs in the near future, according to Forrester.The future of human workers is not as bleak as many fear, says a recent report by research firm Forrester.
  • 5300c769af79e

    Amazon's Kindle Oasis: Lightness of Being at an Unbearable Price?

    Along with features that are arguably revolutionary, it comes with a price point that may shock more than a few customers.The Oasis is the thinnest and lightest e-reader it has ever produced, Amazon said.
  • 5300c769af79e

    Google Ending Hands Free Pilot on February 8

    In an email we just received, Google announced it is shutting down the Hands Free pilot, which has been active since March of last year.Scheduled to shut down on February 8, 2016, Hands Free is was Google’s effort to get people to pay with their smartphone inside select retailers without ever lifting a finger.
  • 5300c769af79e

    How LinkedIn Mobile App Spurred A Complete Code Cleanup

    The mobile app not only displays data to users, it also emits data based on user behavior that is then ingested to become part of LinkedIn's data sets.Any changes to the mobile app would impact more than the user experience.