Enforced 2FA Cuts Account Compromise by Half, Google Says

After enabling two-factor authentication by default for much of its user base, Google claims to have seen a 50% decrease in accounts being compromised. The Internet giant is moving forward with the initiative, saying it plans to auto-enroll more users in 2022.

Last year, Google made considerable efforts to promote the security benefits of multi-factor authentication (MFA), also known as two-factor authentication (2FA) or two-step verification (2SV) – which is Google’s preferred abbreviation for the multi-layer security mechanism.

The latest such move was to auto-enable 2SV for 150 million Gmail users, plus 2 million YouTube creators, after selecting those accounts that were properly configured for recovery in the off chance anything went awry.

As a result of that initiative, the web giant proudly announced this week that Gmail account compromise has dropped by half.

“Last year, we accelerated our journey to eliminating password threats by starting to auto-enroll users in 2-Step Verification (2SV), giving people an extra layer of protection when cyber criminals try to hack into their accounts, by requiring a second form of verification beyond the password,” writes Guemmy Kim, director of Account Security and Safety.

“Since last year’s initiative, we’ve successfully auto-enabled 2SV for over 150 million people, and we've also required it for over 2 million of our YouTube creators. As a result of this effort, we have seen a 50% decrease in accounts being compromised among those users,” Kim says.

Google plans to continue its push to provide technologies that reduce reliance on passwords while allowing a secure, seamless sign-in.

In 2022, the company will continue its 2SV auto enrollments, not just to make signing-in more seamless, but also to spread awareness of the security benefits of multi-factor authentication.

The web giant also encourages users to take a Security Checkup from time to time.