C. Scott Brown / Android Authority
TL;DR
- Google’s up to date 2FA setup not requires a cellphone quantity by default.
- Customers can arrange 2FA immediately with an authenticator app or {hardware} key, skipping SMS verification.
Google has streamlined its two-factor authentication (2FA), often known as the two-step verification (2SV) course of, making it simpler and safer for customers to guard their accounts.
The brand new, improved course of offers customers the choice to start out their 2FA setup by immediately selecting safer strategies like authenticator apps or bodily safety keys. Prior to now, organising 2FA required first offering a cellphone quantity earlier than having the ability to add an authenticator app.
Whereas SMS verification codes are a step up from single-password logins, they’re thought-about much less safe than different 2FA strategies on account of potential vulnerabilities. With Google’s replace, cellphone quantity verification isn’t a compulsory step anymore for organising 2FA. Customers can as a substitute immediately go for a time-based code generated by an authenticator app (like Google Authenticator) or join a bodily safety key.
Google presents two strategies for linking safety keys. Customers can select to register a FIDO1 credential on their key or arrange a passkey. It’s necessary to notice that passkey setups should still require normal password login for Workspace accounts, relying on the precise settings established by the related group.
Google has additionally adjusted how turning off 2FA works. Beforehand, turning 2FA off meant all related safety measures, reminiscent of backup codes, authenticator app hyperlinks, and linked cellphone numbers, can be routinely eliminated. Now, these further layers keep in place even after you flip off 2FA.
These updates are rolling out to each Google Workspace subscribers and customers with private Google accounts.
