Google will auto-enrol 150 million users in 2FA by end of 2021
An additional two million YouTube creators will also be required to switch it on the 2SV feature by the end of the year
Google has announced plans to automatically enrol an additional 150 million users in two-factor authentication (2FA) by the end of 2021.
Known as two-step verification (2SV), the security feature combines the use of a password with a mobile device or a security key in order to diminish the chances of unauthorised access to accounts and networks. For instance, users signing in to their Gmail account, particularly when using a new computer for the first time, are asked to tap a prompt on their smartphone to authorise the login.
In a blog post published on Tuesday, the tech giant stated that enabling security protections by default is “the best way to keep [their] users safe”, which is why it's moving to ensure that more accounts have the 2SV feature switched on:
“By the end of 2021, we plan to auto-enrol an additional 150 million Google users in 2SV,” it announced, adding that an additional two million YouTube creators will be required to turn the feature on by the end of the year.
The tech giant acknowledged that not everyone has access to a smartphone or a security key, noting that it is “working on technologies that provide a convenient, secure authentication experience and reduce the reliance on passwords in the long-term”.
“We know security keys provide the highest degree of sign-in security possible, that’s why we've partnered with organisations to provide free security keys to over 10,000 high-risk users this year,” it stated.
Google said that users will be able to benefit from built-in security key capabilities in Android phones as well as its Google Smart Lock app for iOS, adding that its 2SV technology is automatically supported by “two billion devices around the world”.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
In a Twitter post, Google product manager Sriram Karra said that today’s announcement “is just the beginning”.
“The 150m 2SV user count is staggering already if you look at it in the broader industry context. For e.g. Twitter recently announced ~2.5% of its ~350m active users have 2SV - that's ~9m user accounts,” he stated.
Companies across the tech industry have been working to strengthen account security and minimise users' reliance on passwords. In June, Twitter announced that its users would be able to use a security key as their only 2FA method, while in September, Corporate VP of Microsoft Security, Compliance and Identity, Vasu Jakkal, stated that customers “can now completely remove the password from [the] Microsoft account”.
However, 2FA has also been the target of cyber criminals. Earlier this week, Coinbase sent out letters to 6,000 customers informing them that hackers managed to exploit “a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor (2FA) authentication token”.
Having only graduated from City University in 2019, Sabina has already demonstrated her abilities as a keen writer and effective journalist. Currently a content writer for Drapers, Sabina spent a number of years writing for ITPro, specialising in networking and telecommunications, as well as charting the efforts of technology companies to improve their inclusion and diversity strategies, a topic close to her heart.
Sabina has also held a number of editorial roles at Harper's Bazaar, Cube Collective, and HighClouds.