Google wants to move everyone to two-way authentication

Google wants to move everyone to two-way authentication

Forcing the hand of the most recalcitrant

It will first ask people, who have already activated the two-step verification to confirm their identity via a notification on their smartphone every time they log into their account. This will be the most receptive audience.

Then it will be time to move on to those who are content to use a simple password. They will be automatically enrolled in the two-step verification if their account is set up correctly. A way to force their hand, although the process will be reversible.

The preferred application to SMS

Dual authentication, also known as multifactor authentication or two-step verification, as Google calls it, is a security mechanism in addition to the password as a code sent to the smartphone.
Users receive it via SMS, voice call or via an app. It must then be entered and validated on the screen of the terminal to which you want to connect. Authentication by application is preferred by Google, as an SMS can be intercepted or diverted. It is also possible to use Google's Titan security key.

"One day, we hope that stolen passwords will be a thing of the past", Mark Risher begins to dream.

Source : Google