2 min read

Google Makes Two-Factor Authentication Default in Massive Rollout


October 06, 2021

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Google Makes Two-Factor Authentication Default in Massive Rollout

In a bid to warm up users to stronger security, Google is auto-enrolling select members of its user base for two-factor authentication, the company has announced.

In a blog post published Tuesday, the search giant provides several updates on password security, acknowledging that “managing a set of strong passwords isn’t always convenient, which leads many people to look for shortcuts (i.e. dog’s name + birthday) or to neglect password best practices altogether, which opens them up to online risks.”

Among these updates is Google‘s rather unceremonious announcement that it will begin enrolling millions for two-factor authentication to strengthen accounts against malicious activity.

Google calls it two-step verification, abbreviated as 2SV, and notes that “a second form of authentication dramatically decreases an attacker’s chance of gaining access to an account.”

While the company has been advocating for multi-factor authentication for a decade, throngs of its customers are still on the sidelines. That starts to change this year, with Google switching 2SV on by default for an additional 150 million users, plus 2 million YouTubers.

“For years, Google has been at the forefront of innovation in two-step verification (2SV), one of the most reliable ways to prevent unauthorized access to accounts and networks. 2SV is strongest when it combines both "something you know" (like a password) and "something you have" (like your phone or a security key),” reads the announcement.

“2SV has been core to Google’s own security practices and today we make it seamless for our users with a Google prompt, which requires a simple tap on your mobile device to prove it’s really you trying to sign in. And because we know the best way to keep our users safe is to turn on our security protections by default, we have started to automatically configure our users’ accounts into a more secure state. By the end of 2021, we plan to auto-enroll an additional 150 million Google users in 2SV and require 2 million YouTube creators to turn it on,” Google’s AbdelKarim Mardini and Guemmy Kim write.

Not wanting to upset users who prefer to make 2SV their decision, the company is only auto-enrolling users who “have the proper backup mechanisms in place to make a seamless transition to 2SV.” Users who want to check if they have the right settings in place are encouraged to take a Security Checkup.




Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.

View all posts

You might also like