We often remember the importance of strengthening our security on the Internetwhich we can do in different ways: using a good password manager, reviewing the security settings of our router, opting to use a VPN when connecting to public networks and activating the two-step authentication, among other measures.
By emphasizing the importance of enabling two-step authentication or 2FA, this technology allows us to add an extra step to the identification process: it is not enough to enter the username and correct passwords, but we need to confirm that we are the ones using an additional factor. Google has just announced a major update to its 2FA setup process which further strengthens the system.
You no longer need to enable SMS verification to use 2FA
Until now, all users who enabled two-step authentication for their Google account for the first time were required to provide their phone number to confirm access to your account by SMS. Google’s update removes the requirement to configure SMS verification, significantly improving system security.
Although once SMS verification was enabled it was possible to opt for another, more secure method (like two-step authentication apps or security keys), you had to enable SMS verification first. With this change, two-step authentication It is easier to configure and much more secure.
The reason is that while SMS verification is better than no two-step authentication, This is a much more vulnerable method such as code applications or security keys. The culprit is the method known as SIM Swapping, which allows other people to obtain our phone number and receive verification codes to access our accounts.
Thanks to the update we are talking about, it will be possible to directly opt for safer verification methods, like two-step authentication apps or the aforementioned security keys. These tools allow us to verify our identity by entering a security code generated on our device or by using a physical key that we will have to carry with us, respectively.
On the other hand, Google has changed what happens if we decide to disable two-step authentication. Until now, if we deactivated this function, all associated security measures (such as backup codes or the linked phone number) were automatically deleted, but they will now remain in our account.
At this point, it’s worth noting that the update is available to both Google Workspace users and users with a personal Google account.
Cover image | Microsoft Designer Image Creator (with editing)
Via | Android Authority
In Xataka Android | Two-Step Authentication Apps: What They Are, How They Work, and the Best Options
