Reading Time: 4 minutes
Google has announced auto-implementation of 2FA in some accounts. Joydev tells us more about it, exclusively for Different Truths.
Do you ever wonder, ‘how strong is my password’ in the current times when there are reports of data breaches and privacy threats all around? According to Google, the search for ‘how strong is my password’, increased by 300 per cent, in 2020. Google believes even the strongest password can be compromised and used by an attacker and hence has rolled out a feature, announcing in one of its blogs, to introduce 2FA or Two-Factor Authentication, also known as 2SV or Two-Step Verification for the Google accounts.
Google will soon start automatically enrolling its users to 2FA if their accounts are appropriately configured. You might be getting Google Security Checkup notification very often these days. Be sure to get it updated to be eligible for the 2FA. You will very soon see Google has implemented 2FA security to your account to make it more secure and updated. Let us understand more about 2FA.
Google will soon start automatically enrolling its users to 2FA if their accounts are appropriately configured.
What is 2FA?
Two-Factor Authentication or Two-Step Verification provides an extra layer of security to the online accounts logged in to various devices by asking for additional login credentials. In single-factor authentication, one can just login to any account with username and password only. But in 2FA, besides providing a username and password, one has to enter a second ‘factor’ to prove the identity or authority. The ‘factor’ here refers to any secondary way to validate one’s identity, which only the user has access to.
How Does 2FA Work?
2FA provides a shield to your online accounts and data by adding one extra layer of security to them. This makes it difficult for the hackers to break into your accounts even if they have hands-on your passwords. After using the username and password for a secured login to any account, it asks for the additional information that the user has provided. It may be in any form, either a Personal Identification Number (PIN), a security question, a one-time authorisation code sent to a third-party device, biometrics, facial scan, or voice recognition.
2FA provides a shield to your online accounts and data by adding one extra layer of security to them.
Security and privacy being the primary concern of the users, high-value websites that need an account to be set up usually asks the users to set up two-factor authentication by providing any of the above-mentioned ways while setting up the account. One has to enter any of these options provided by the website besides setting up a strong and secured password. Some devices like Apple too ask its users to set up 2FA in case one forgets their Apple ID.
Types of 2FA
The type of 2FA you will have to use depends on the organisation and the type of device you are using.
The type of 2FA you will have to use depends on the organisation and the type of device you are using. Organisations usually have different 2FA modules for desktops and hand-held devices, be it smartphones or tablets. Here are a few kinds of 2FA you may have to set up.
· OTP through SMS/Text messages – It is one of the most common and widely used methods of 2FA. Once you put your username and password for log-in, a One-Time Password/Code is sent to the mobile number you have registered with the account through SMS/Text message. This protects any unscrupulous log-in attempt as the code is only sent to the personal number that is used to set up the account. There is no option to change the phone number unless one logs-in successfully.
· Security Questions – While setting up an account, the website may ask very sensitive and personal questions that can be used for 2FA. Questions like the name of your pet, name of your first school, or your most used social media are usually asked to set up this. In case the website/app feels there are any unethical activities, it prompts the user to answer those questions before logging-in to the account. Make sure you do not forget the answer to such questions!
· Biometric Authentication – This authentication process is more secure and safe. It asks the user to present any physical attribution of the user to gain access to the account. The physical attributes include voice, face, or fingerprint. It is almost impossible to replicate someone else’s voice, face, or fingerprint unless the device used for logging-in is compromised.
· Hardware Tokens – Widely used by businesses, the hardware tokens are digital fobs, just like keychain that pushes numerical code every 30 seconds. After entering the username and password, a security code starts blinking in the fob that stays for 30-seconds. If not used in 30-second, the code immediately changes. It is apt for extremely sensitive accounts containing secured information. Business chains using sensitive data usually use these tokens for 2FA.
· Software Tokens – Similar to hardware tokens, businesses or the users just have to download a secured application linked to the account. During the login process, the security codes are generated in the software containing an alpha-numeric set of codes that remain active for 30 seconds.
With Google’s announcement, users need not worry anymore to secure their account as Google is taking effective steps…
With Google’s announcement, users need not worry anymore to secure their account as Google is taking effective steps to secure the accounts as much as possible. Keep visiting the security check up centre of your Google account and always keep it updated for the auto-enablement of the 2FA to your account.
Visuals by Different Truths
