For now, Google is only encouraging users to enable dual authentication, but it wants to enforce its use in the future.
Google took advantage of World Password Day, which took place yesterday, to reaffirm its position on cybersecurity. Thus, the tech giant announces that two-factor authentication should soon be enabled for all its users.
Dual authentication, also known as “two-step validation” is a simple method of requiring additional confirmation of the identity of the person attempting to log in. Thus, users will have to provide a validation code received by SMS, call, email or via a dedicated mobile application, in addition to their traditional login and password. This security may seem trivial and unnecessary, but in reality it greatly enhances account security.
Mark Risher, director of product management, identity and user security at Google explains that “Complicated passwords encourage Internet users to use them for more than one account. For example, 66% of Americans admit to using the same password on multiple sites, making all those accounts vulnerable.”. That’s why the company wants to eventually impose the activation of dual authentication to all its users.
In an email quoted by Motherboard, Mark Risher says that Google is “starting with the users for whom the change will be least disruptive” and that they “plan to accelerate the rollout based on these early results.” A small sample of users can therefore already test the functionality, which should “be extended in the coming months”. However, the deployment date is still unknown.
Passwords are ubiquitous in our daily lives, and it is sometimes difficult to keep different passwords secure for each network. That’s why password manager tools exist.
Google also has a password manager directly integrated into Chrome, Android and iOS. The tool tells you if one or more of your passwords have been compromised. Since March 2021, an import feature allows users to download their passwords (up to 1000) from various sites and keep them in a secure interface.