Google has recently announced that it is planning on making its 2SV (two-step verification), also known as 2FA (two-factor authentication), mandatory for all account holders.
What Is 2FA/2SV
2FA, or 2SV as Google calls it, is used to make online accounts more secure by adding a second method (or step) of authentication– account password (first step), verification code (second step). 2FA is usually only triggered when the account holder signs in for the first time from a different browser and/or device. When 2FA is triggered, a unique verification code is sent to the account holder, either to their mobile phone via text message or to a secondary email address via email message. The account holder must then input that one-time verification code to complete the signing-in process.
However, if I am interpreting Google’s announcement correctly, it seems mobile phone users will be required to confirm their identity each time they sign in:
Today we ask people who have enrolled in two-step verification (2SV) to confirm it’s really them with a simple tap via a Google prompt on their phone whenever they sign in. Soon we’ll start automatically enrolling users in 2SV if their accounts are appropriately configured.
PC users are not mentioned, nor is there any mention of tablets, so I am uncertain of the scope of this new requirement. Maybe it’s for mobile phone users only. Certainly, based on the wording in Google’s announcement, that appears to be the case. We shall see.
A number of anti-Google skeptics have suggested that this is a plan by Google to ensure that all the data the company collects is attributed to the correct user. While I am by no means a fan of Google or its data collection practices I do not believe there is an ulterior motive involved, merely Google safeguarding its users’ accounts. 2FA is a terrific method to enhance account security and, in my opinion, should be mandatory for all online accounts. Not sure about the whenever they sign in bit though, especially from the same device and browser– maybe overkill?
How To Set Up 2SV
Setting up 2SV for your Google account is a simple matter of adding the required information into your account details. You can choose to add a mobile phone number, secondary email address, or both. I would definitely suggest opting for either the secondary email option or both as phone numbers can and do change whereas email addresses tend to be more permanent.
- You can check to see if your account details meet the requirements for 2SV by visiting Google’s Account Security Checkup
Please bear in mind that although 2FA/2SV strengthens account security it does not compensate for using weak passwords. The first and critical step in securing any online account is to use a very strong password.
Google’s announcement is about as clear as mud. While it’s apparent that Google is intent on enforcing 2SV, there is no mention of exactly on what devices it will be made compulsory. What’s your take on it all?