Have you received an email from Google in the past few weeks informing you that your Google account will soon be additionally secured? If not, it could be that way soon. As first announced in May and most recently in October, Google plans to automatically introduce so-called two-factor authentication (2FA) for numerous accounts by the end of the year.
For many users who use a Gmail address or have an Android smartphone, for example, it could mean their first contact with the secure log-in procedure. Julian Assange: The Deterrent
Numerous online services, from Facebook to
Twitter to PayPal and many banks have long been offering confirmation in two
steps. But for the most part, 2FA is just an option, not an obligation. This
is another reason why Google's plans to simply introduce them automatically are
a big step forward.
What two-factor authentication means for users
in everyday life, whether it will be mandatory at Google in the future and
other questions we answer here?
Two-factor authentication - what is it?
Usually accounts with online services are secured
exactly once, namely with the combination of username and password. The
disadvantage is obvious: once you know the password, you can automatically gain
access. And the fact that many people save their log-ins directly and
unsecured in the browser doesn't make it any better. The two-factor
authentication, on the other hand, does. As the name suggests, it
introduces a second factor, i.e. a second level of security, for logins. Instead
of just entering the password, users have to verify themselves in another way.
How Can Earn Money Through Facebook
This verification can be done
with a code that is sent via SMS. Or with an authentication app on the smartphone. Or with a
USB stick that you have to plug into your PC or laptop every time you log in. In
order to gain access to an account secured with 2FA, the attackers therefore
not only need the password, but also access to the smartphone or the USB key. That
makes it more difficult for hackers - and therefore safer for users. Security
experts and the Federal Office for Information Security therefore
recommend the use of 2FA for as many services
as possible.
When will Google introduce two-factor authentication?
By the end of the year, numerous Google accounts are
expected to receive a request to set up 2FA before it is automatically
activated. As stated on the website, this notification should be sent
seven days before the change. Initially, however, only around 150 million
accounts are to be automatically converted to two-factor authentication. That
would not even be ten percent of the roughly 1.8 billion Google accounts that
currently exist. The reason is that initially only those accounts are
affected that "have the right security mechanisms to enable a seamless
transition to 2FA," as it is said. This means accounts that are
already linked to a mobile phone number and a second back-up email address.
Is two-factor authentication mandatory?
Not yet, because as it says on the website, the
procedure can also be reversed. So Google is switching from the opt-in to
the opt-out model, so to speak: Until now, the users concerned could activate
the 2FA at their own request; after the changeover, they have to deactivate
it in the settings of their own accord. However, one day the
process could actually be mandatory: "Most Google accounts will soon
require verification in two steps," suggests Google. Then use would
no longer be possible without additional protection.
Do I have to give Google my phone number?
If the procedure becomes mandatory, then it will probably be. Because who now activates the two-factor authentication with Google, first has to link his account to a mobile phone number, to which a one-time confirmation code is sent. Only then can the desired 2FA method be set up. For all people who use their Gmail address anonymously as far as possible, this is of course a problem, because their account is then linked to a phone number that could be used to identify them.
EU Agrees To Suspend Roaming Charges Until 2032
Google
has been trying for a number of years to get more users to add a phone number; it
is now even required when creating a new account. Should two-factor
authentication actually become mandatory, older Gmail customers would also have
to consider whether they want to give Google their number - or whether they
would prefer to switch to another mail provider.
How does Google's two-factor authentication work?
Theoretically, Google offers several options for
verifying yourself in addition to the password. If you want, you can buy a
special USB stick that you have to plug into your PC or laptop every time you
log in, or a device that enables you to log in via Bluetooth. The most
common variants, however, are confirmation via app or SMS.
Requests:
For users who use their Google account with an Android smartphone, the change
will change the least. For one thing, they have already linked their
account to their phone number anyway. On the other hand, you don't have to
install an additional authentication app, as the 2FA is integrated directly
into Android. As soon as it has been activated, Google will send a request
in the form of a notification to the smartphone linked to the account (or to several
smartphones linked to the same Google account) every time you log in:
"Just try to log on to a second computer?" The choices are
"Yes" or "No, I'm not". With one click, the log-in is
either authenticated or rejected. Google, but the Smart Lock app or the Gmail
app must also be installed and set up.
SMS: Authentication via SMS does not require any further
preparatory steps, provided Google already knows the cell phone number. SMS
is the standard method if Google or Gmail are not set up on a smartphone. This
could affect all users who, for example, only use Gmail in the browser on their
PC. The difference to authentication via the Google Prompts is that with
the SMS procedure you have to enter the six-digit code contained in the message
when you log in again, so you cannot just click on a link. It is therefore
a little more laborious. In addition, there must be a cellular connection,
whereas the prompts also work if the cell phone is only connected to the WLAN. Especially
abroad, when you don't have roaming or reception.
Authentication app: If you haven't linked your
Google account to a smartphone, if you use several Gmail addresses at the same
time or if you don't want to receive SMS, you have to set up an authentication
app on a smartphone (you can find detailed instructions here). The
best known comes directly from Google itself and is called Google Authenticator
and is available for both Android and iOS. Once the app is
installed, you can add new accounts via QR code, not only for Google, by the
way, but also for other online services that support this process. So you
don't need a separate authentication app for every service. The QR code
for the Google account is available in the 2FA settings. Once
scanned, the account is saved in the authenticator app. The six-digit code
changes every 60 seconds, which you have to enter in addition to the password
when logging in, as with the SMS. The advantage of the app: The codes are
generated offline, so the smartphone does not have to be connected to the
internet or wireless network.
Do I really have to confirm the Google log-in every time?
That would of course be safest, but it doesn't have to
be. When you log in to a device for the first time after switching to
two-factor authentication, you can choose not to be asked for the second factor
on this device. This can be helpful, for example, when it comes to your
home PC that you use every day anyway and that no one else has access to. In the
settings, all trustworthy devices can later be revoked if you lose track of
things or if you want to set up the 2FA all over again.
What do I have to consider with mail programs?
You can log into many apps on your smartphone directly
with your Google account. The above-mentioned procedures apply here. However,
many mail programs on the PC, for example Thunderbird, do not support
"Log-in with Google" and therefore also do not support two-factor
authentication. In order to continue to use these programs anyway, there
is the option of creating so-called app passwords. These
passwords are then entered once in the respective programs when asked for them. They
are valid indefinitely, so you only have to enter them once or until you delete
them from your Google account. In mail programs like Thunderbird, you may
have to create your own app password for both the inbox and the Outbox.
Can I change the 2FA procedure again later?
"You can always use another second step that you have set up." So it is in the Google settings. But apparently this is not true, because there is, at least in our test, no option to make another method the standard. Rather, Google seems to determine the order automatically: The Google prompts, for example, always seem to be standard when the account has been linked to a smartphone. Even those who then set up the authenticator app cannot prefer it to prompts.
This Is The Processor That High-End Android Phones Will Carry In 2022
The app only works if you log out of all active devices, which irritates some users. In a sense, the authentication app is the back-up option.
It is similar with SMS: if you first set up two-factor authentication via SMS, but then install the authenticator, this automatically becomes the standard and the SMS becomes a backup. Possibly because the authentication app is considered more secure than SMS, which are comparatively easy to intercept.
Still, the fact that you can't easily customize the process you want isn't really user-friendly. However, Google may still adjust this, perhaps at the latest when the two-step confirmation is really mandatory for all users.
Do You Know What We Have Posted on
0 Comments