Two-factor authentication: how Google hopes to increase security
17/12/2021
Translation: Veronica Bielawski
Two-factor authentication is now automatically enabled for all Google accounts. Here’s everything you need to know about this security measure.
For years, Google has recommended enabling two-factor authentication. The company has now automatically activated it for its nearly 150 million latest users. This is supposed to protect the accounts from access by unauthorised persons.
What are the advantages of two-factor authentication?
Two-factor authentication provides more security; the password alone is not sufficient to log in. The login must be confirmed in an additional step. In light of widespread laziness in dealing with passwords and numerous password leaks, this is a sensible solution. Even if someone knows your password, your account will remain inaccessible to them without additional confirmation. Not just Google, but also many other services, offer this security method.
Why should is it important for your Google account in particular to be secure?
For many people, the Google account serves as a hub on the Internet. In addition to being the login for numerous Google services, it can also be used as a login for non-Google services. It’s where you get codes for two-factor authentication and e-mails allowing you to reset your passwords. Many people also use Google’s integrated password manager. All this information shouldn’t fall into the hands of a stranger.
How does Google’s two-factor authentication work?
The most convenient way to use two-factor authentication is on your smartphone. For devices running Android 7 and higher, you can confirm logins on a new device with a tap of your finger. You can also have a one-time password – typically a six-digit numerical code – sent to you by SMS or read out to you by voice call. Another option you have, which even works offline, is an authentication app. Authentication apps generate numeric codes. Each code is valid for a set period of time. Google offers the Google Authenticator app for Android and Google Smart Lock for iOS.
What should you look out for when setting up two-factor authentication?
Create backup codes for two-factor authentication. Google has an article on how to do this here. Store the ten codes in a safe place; they’re a kind of emergency password list. You can enter these codes into the two-factor authentication check when your other options aren’t available. For example, if you prematurely logged out of your old smartphone when switching to a new one. Each code can be used only once. When you create ten new codes, the old ones expire.
Does two-factor authentication work without a smartphone?
Yes – and not only using the backup codes. Google supports so-called security keys over USB or smartphone. You’ll only be able to log in if the USB stick is inserted into your computer (or, depending on the model, via NFC). You can get the Google Titan Securtiy Key for this purpose. However, you can also link security keys from other manufacturers, such as Yubico, to your Google account.
What to do if you lose your smartphone?
Use your backup codes. If you can’t find them, you can also use a new smartphone with a SIM card whose phone number you’ve saved in your Google account. If you haven’t saved your phone number in your Google account, your only option is to contact Google’s customer service. They can reset your account; however, the process can take up to a week.
Can you turn off two-factor authentication?
Yes, you can. Google has two-factor authentication enabled by default, but you can still disable it. You'll find the option in your Google Account settings: go to «Manage your Google Account», then «Security». Under «Signing into Google», you can toggle «2-Step Verification» on and off.
When I was but a young student, I'd sit in my friend's living room with all my classmates and play on his SuperNES. Since then I've had the opportunity to test out all the newest technology for you. I've done reviews at Curved, Computer Bild and Netzwelt, and have now arrived at Galaxus.de.
