2 step verification

A new update to Authenticator for Android and iOS allows for backups of codes in your Google account to be stored, meaning users won’t be locked out indefinitely if they lose a device with stored codes. Users will no longer have to reauthorize their linked apps if they get a new phone.

The latest version of Authenticator will let users follow prompts to sign into Google and enable syncing. The company says, “If you set up 2-Step Verification, you can use the Google Authenticator app to generate codes. You can still generate codes without internet connection or mobile service.”

The update also features a new logo for the app.

Despite adding passkey support in Android and Chrome, Google still understands that one-time codes are sometimes necessary for people looking to get back into their accounts. Thankfully, the new update to the app may encourage users to opt for two-factor authentication for increased protection of their devices.

Google joins companies like Microsoft, which has its own cloud backup in Microsoft Authenticator.

For more Google news, read about how the company may soon offer new AI tools in its ad program.

Header image credit: Google

Source: Google Via: Engadget

Google has put out another blog post reminding people that it will soon enable two-factor authentication (2FA) for millions of users by the end of the year.

2FA, or two-step verification as Google calls it, is a security protocol that can help protect online accounts by requiring a second method of authentication when the user signs in. In most cases, this refers the codes texted to people’s phones after they log into a website.

According to Google’s blog post, the search giant plans to auto-enroll an additional 150 million Google users in 2FA by the end of the year. It also plans to require 2 million YouTube creators to enable 2FA.

Along with that announcement, Google detailed several other ways it’s working to protect users’ accounts. For example, Google builds security keys into Android phones and offers similar functionality to iPhone users with Google Smart Lock. The search giant also detailed improvements to the password manager built into the Chrome browser, such as auto-fill options for iOS and Android users.

These things are all steps in the right direction for improving security. However, it’s also worth noting that 2FA can be an imperfect solution, especially when used over text.

SIM swap attacks are a common way for hackers to take over a victim’s phone number and intercept incoming 2FA messages to gain access to online accounts. It’s a prevalent issue in Canada, with the CRTC recently revealing it documented over 24,000 cases of potential phone number fraud between August 2019 and May 2020.

That’s part of why Google’s pushing users to use security keys and, in turn, is building them into devices. At a basic level, security keys are little USB sticks that users can plug into a computer to authenticate themselves. By turning smartphones into security keys, Google’s offering a convenient, secure alternative to SMS-based 2FA.

If you haven’t enabled 2FA on your Google account yet, here’s how to do it:

Head to myaccount.google.com
Click ‘Security’
Scroll down to ‘Signing in to Google’ and click ‘2-Step Verification.’
Follow the steps to set it up.

Image credit: Google

Source: Google Via: The Verge