Google will enroll users in two-step verification to add a layer of security0
According to a new blog post published today by Google, 66% of Americans use the same password for multiple sites. The problem here is that once one password is stolen or figured out, it could allow attackers entry into many of your apps including financial sites. And the more complex you make your password, ironically the higher the odds that you will use the same one on many different apps.
Google points out that just because most Americans aren't using safe password security habits, it doesn't mean that the intent isn't there. After all, last year searches for "how strong is my password" increased by 300%. However, even the strongest passwords can be discovered by an attacker and Google has found that the best way to protect users is to request that they have another layer of verification to confirm their identity.
Today, Google is telling those who have signed up for its two-step verification process (2SV) that they will have to tap on a Google prompt that they will receive on their phones when attempting to login to a Google app. And soon, those with Google accounts will automatically be enrolled in 2SV if their accounts are configured appropriately. According to the search giant, "Using their mobile device to sign in gives people a safer and more secure authentication experience than passwords alone."
Right now though, you can sign up for 2SV by tapping on this link and signing in. Doing so will add an extra layer of security since you will be typing in a unique security code that has been sent to your phone in addition to providing your password. So even if some bad actor (no, not William Shatner) has your password, he/she won't be able to access your account.
Since there is no such thing as a free lunch, the caveat here is that you will have to spend a few extra-seconds to verify your identity before you open a Google app. On the other hand, you will have an additional layer of security keeping your personal information from getting into the wrong hands.
And with Google's Password Manager built into Android, iOS, and ChromeOS, you can create complicated passwords without having to remember them. The new Passport Import feature allows you to import as many as 1,000 passwords at a time from third-party apps into the Password Manager at no cost. This allows all of your passwords to be protected by Google's "advanced security and privacy technology."
Google does have a goal for the future of passwords and that is to eliminate them completely some day. "One day, we hope stolen passwords will be a thing of the past, because passwords will be a thing of the past, but until then Google will continue to keep you and your passwords safe."