Wednesday, November 4, 2020

Why is Google changing to phone notification as the default option for 2-step sign-in?

Source: freepik (senivpetro)

We live in a world with advanced security mechanisms such as biometric authentication. However, an important part of staying secure online is the use of something that's probably been around for much longer: 2-step verification.

Many services provide 2-step verification and (where appropriate) you can consider using it. It may be seen as troublesome due to the extra steps involved and this is one of the things that stops people from enabling 2-step verification. However, Google makes it simple with "Google Prompt".

In essence, the new "Prompt" simply sends a text alert to your mobile asking if you are trying to sign in, instead of delivering a code. You confirm, and that's basically it. It signs you in instantly with the touch of a button. On top of that, it is available for both Android and iOS.

What this means is that, after you enter your email address and password, you can secure your Google account with an extra login confirmation with a click. Alternatively, it is possible to perform 2-Step Verification (2SV) through an SMS, Google Prompt, an authenticator app, or a security key.

Google Prompt

Google Prompt has been around for a few years, and for users who enable 2-step verification, it's the primary option. Prompt is more reliable than SMS because it is linked to your Google account rather than to a phone number.

When Prompt was first introduced, it had to be switched on for each specific computer or smartphone on your account. In 2018, Google added a feature to use Prompt on any phone you sign in on, which is convenient for anyone with a limited set of devices at home. Today, it looks like it will be the default action.

Once you enter your Google login credentials on a site, Google Prompt will request a "yes" or "no" answer on your phone. It's simple and quick. Tap "yes" on your device and proceed if you have just attempted to log in somewhere. Otherwise, tap "no."

Devices available

Google Prompt works on both Android and iOS devices. On Android, you link your Google Account on the smartphone: Settings > Accounts > Add account > Google. On an iPhone or iPad, you install the Google app, log in to your Google account, and activate push notifications: Settings > Google > Notifications > Allow notifications.

Either way, to receive the "yes / no" prompt, you'll need a network connection, just as you would with a text message. In this day and age, having two-factor authentication, or as Google describes it 2-Step Verification (2SV), enabled on all your online accounts is remarkably important. The majority of services rely on SMS, but because of the possibility of hacking, that is highly insecure.

G Suite users

The new default authentication setting will apply only to people who have enabled 2-step verification. In the case of G Suite users, if an organization has implemented the 2-step authentication option 'Only security key' for a user, there will be no change and the user will continue to be allowed to use security keys.

If you're a G Suite administrator, run a 2-step verification report to see which accounts are enrolled, or not enrolled. Log in to https:/ to see this article, go to Reports > Protection > and pick 'Register for 2-Step Verification' from the menu. (And if you are a G Suite administrator and have not yet implemented 2SV, for more information on setting up 2-Step Verification for your domain, see the G Suite support section.)

Alternative methods

Of course, all past Google 2-step verification techniques remain available. These include an app (like Google Authenticator), a security key, SMS, and also backup codes.

Backup codes should be created by almost any individual who uses 2-step verification. Backup codes are designed for one-time use: once you use one to log in, you can't use it again. When you enable 2-step authentication, print out your backup codes and store them safely for use in an emergency.

2SV can also be supported by a mobile app like Google Authenticator, Microsoft Authenticator, or Authy. Once linked to an account, the app generates a 6-digit code that you enter as the second stage in your authentication process (after your username and password). Unlike Google Prompt and SMS, which need network access, these authentication apps generate 6-digit codes even when your device is out of coverage. These apps also function with most other sites that offer 2-step authentication, such as Salesforce, Dropbox, GitHub and many more.

Security key

You may authenticate with a security key, such as a YubiKey, for even greater safety. A security key adds an extra piece of technology to the method of authentication. It also defends against phishing-related attacks.
