Google sets a date for everyone to automatically enroll in 2FA

Earlier in May, Google casually dropped by a blog on password security he was planning automatically activate 2FA on Google accounts. At the time, Google had given no idea what this timeline would look like other than “soon.” But in a month of cybersecurity awareness Blog, Google now says the process is already underway.

The blog itself is a broad look at the different ways Google is trying to make connections more secure. Google integrated Password manager, the Google Smart Lock app, and its Google Identity Services are some of the highlighted methods, as is two-step verification (2SV). You may have noticed that since last summer, Google has enabled Google prompts as the primary method in 2SV on all eligible phones. Google Prompt asks you to verify your identity by following a prompt on your smartphone when signing into your Google Account.

“And because we know the best way to protect our users is to enable our default security protections, we have started to automatically set our users’ accounts to a more secure state,” Google writes. “By the end of 2021, we plan to automatically enroll 150 million additional Google users in 2SV and will require 2 million YouTube creators to activate.” (The deadline for YouTube creators is November 1.)

For now, Google automatically registers accounts that already have a suitable backup in place. Basically, that means accounts that have provided Google with recovery information, like a phone number, authenticator app, or secondary email address. You can check if you fall into this category by visiting the Google site Security controle page.

Generally speaking, you should already use some sort of 2FA or 2SV on your accounts, especially those that contain sensitive information. This is because the passwords are an inherently defective safety mechanism– the best are the ones you might not remember, which can cause people to reuse them. As a result, we are starting to see tech companies moving away from them in favor of alternative methods and multi-factor authentication. Google has already said it works towards a future without password, and Microsoft announced last month that users no more passwords to access their Microsoft account. During WWDC 2021, Apple also noted that it was working on a “Pass keys in iCloud Keychain”Which would use TouchID or Face ID instead of passwords.