A password alone will soon no longer be enough: Google plans to make two-factor authentication the standard for millions of users by 2021. What that means and the pitfalls of the change.
Google is pushing for security. By the end of the year, the company is urging 150 million users to switch to a secure login method. So-called two-factor authentication (2FA) is becoming the standard for them. The password alone is then no longer sufficient to log in to the Chrome browser or the Google Drive cloud storage.
This week, Google informed them of the change via email. It says: “On December 14th, the confirmation will be activated automatically in two steps.” The only alternative: if you want, you can switch your account to two-step login beforehand.
The 150 million are those who have already saved the appropriate settings in their account to activate two-factor authentication.
Google announced this on Friday in response to a request from SPIEGEL. The company said it will continue to increase the acceptance of the security standard among all users.
It is already the second wave of warning messages that Google has sent out in Germany. The first users in the USA were notified in May. Around four weeks ago, the company also wrote to German users saying that the accounts would be switched to secure logins by default. At that time, November 9th was the deadline, as the screenshot of an email blog shows.
The security offensive is now entering the next round. But there are some pitfalls that two-factor authentication entails. We have collected the answers to the most important questions.
What Is The Benefit Of Two-Factor Authentication?
As the term suggests, logging in requires two steps, which provides more security. A password alone is then no longer sufficient to log in. That is also the big advantage, because a password can be read, guessed or found out by trial and error. Two-factor authentication prevents unauthorized persons from logging into an account even if they have the correct access data. In addition to the password, attackers need access to a device that enables login. Most major platforms offer their users such two-factor authentication as a protection mechanism.
Why Should The Google Account Be Well Secured?
Google offers numerous programs, from sending emails to saving data. Chrome, in particular, is a tricky tool: if an attacker finds out the password for the browser, he may have hit the jackpot and can access numerous other accounts in one fell swoop. Because Chrome works like a password manager, you can store all access data there if you do not want to remember the login data for Facebook, Instagram, Pinterest and Co. The Google password then works like a master password that unlocks these online services.
What Do I Have To Pay Attention To When Converting?
Anyone who sets up two-factor authentication should first create so-called backup codes and keep them in a safe place. This emergency password list works similarly to the old TAN codes of a bank: users can have Google create ten eight-digit codes, each of which expires as soon as it is entered during a 2FA login. If you have ten new codes created, the old one-time passwords become invalid.
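One way a service could implement the backup-code rules described above (ten eight-digit codes, each valid once, a new batch invalidating the old one), added here as an example and not Google's code; the class and method names are hypothetical.

```python
import hashlib
import hmac
import secrets


class BackupCodes:
    """Single-use recovery codes; the server keeps only their hashes."""

    def __init__(self, count: int = 10, digits: int = 8):
        self.count = count
        self.digits = digits
        self._hashes = set()

    @staticmethod
    def _h(code: str) -> bytes:
        return hashlib.sha256(code.encode()).digest()

    def regenerate(self) -> list:
        """Issue a fresh batch; replacing the stored set invalidates all older codes."""
        codes = set()
        while len(codes) < self.count:
            # secrets (CSPRNG), not random: the codes are credentials
            codes.add(f"{secrets.randbelow(10 ** self.digits):0{self.digits}d}")
        self._hashes = {self._h(c) for c in codes}
        return sorted(codes)  # shown to the user exactly once

    def redeem(self, submitted: str) -> bool:
        """Accept a code at most once; it is removed as soon as it matches."""
        candidate = self._h(submitted.replace(" ", ""))
        for stored in list(self._hashes):
            if hmac.compare_digest(stored, candidate):
                self._hashes.discard(stored)
                return True
        return False

    def remaining(self) -> int:
        return len(self._hashes)


if __name__ == "__main__":
    store = BackupCodes()
    first = store.regenerate()
    print("redeem once :", store.redeem(first[0]))
    print("redeem twice:", store.redeem(first[0]))
    store.regenerate()
    print("codes left after new batch:", store.remaining())
```

An eight-digit code has only 10^8 possible values, so leaked hashes can be brute-forced offline; limiting failed attempts is what protects the codes in practice.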
What Options Are There To Register With 2FA?
Two-factor authentication works most conveniently with a smartphone. For example, you can have a one-time password sent via SMS or read aloud via voice call. Android phones from version 7.0 can confirm the login directly with a fingertip if the smartphone is connected to the computer via Bluetooth. If you use an iPhone, you can alternatively download the Google Smart Lock app, which works on the same principle.
Authentication apps offered by Google, Microsoft and Twilio, among others, are good alternatives. These applications also work when the cell phone is not connected to the network, as they create time-based one-time codes on the device. Warning: If you change phones, the accounts in these apps must be transferred to the new phone.
What Do I Do If I Don’t Have A Smartphone?
Crypto sticks are an alternative to smartphones. These hardware security keys are plugged into a USB port on the computer and signal that the correct user is logging on to the portal.
I Lost My Smartphone Or USB Stick. What Now?
If you have not created a backup code, you must use your telephone number. If the smartphone has been stolen or lost, you should ask your mobile operator to block the old SIM card and send a replacement card. You can then have codes sent to you by SMS. If the phone number is not stored with Google, only customer service can help. Resetting the account can take up to a week, however.
Can You Turn Off Two-Factor Authentication Again?
Yes. Even if Google automatically switches to secure login, it can be deactivated again. The setting is hidden in the browser and on Android phones under “Manage Google Account”. There you can switch off the “two-step confirmation”.
How Are Apple And Facebook Dealing With 2FA?
Facebook does not want to make two-step login mandatory for everyone, a spokeswoman told SPIEGEL. Nevertheless, the company recommends that all people active on its platform make their accounts even more secure with two-step authentication. With the Facebook Protect program, only the accounts of some politicians, journalists and public figures are to be converted to 2FA.
Four per cent of all Facebook accounts are protected with a two-step login. “Other companies report similar numbers,” said the spokeswoman.
Apple offers the option of protecting iCloud functions with a two-step login. When asked whether the function could become mandatory, Apple did not respond.