Google will start automatically enrolling users in two-step verification (2SV), or two-factor authentication. The development was shared by Google via a blog post. Currently, Google gives an option of enrolling in two-step-verification to its users which, if enrolled, gives them a prompt on their smartphone when signing in to verify if they are the ones actually signing in to their account. Google says this is an attempt to increase security as passwords are the single biggest threat to online security.
Mark Risher, Director of Product Management, Identity and User Security at Google, explains through a blog post that people try to make their passwords long and complicated to make them more difficult to crack. This sometimes increases security risks as people them use the same password for multiple accounts. Risher says 66 percent of Americans admitted to using the same password across multiple sites. To overcome this hurdle, Google incorporated a second form of verification alongside a password. Soon, it will automatically enrol users in 2SV or two-factor authentication “if their accounts are appropriately configured.”
As of now, Google gives the option to enrol in 2SV but it will soon make this feature mandatory for all. The search giant has not shared by when this change will be implemented.
The blog goes on to state that Google recently launched a new Password Import feature that allows users to upload up to 1,000 passwords at a time for free. “Features like Password Import, Password Manager and Security Checkup — combined with authentication products like Sign-in with Google — reduce the spread of weak credentials,” Risher says.
Google recently announced that it will make it mandatory for all apps on Google Play store to announce how they use users' data in order to provide transparency. Developers will have to list all the information about what user data is collected by their apps and how that data is handled.