In recent news, Google has made significant changes to its two-factor authentication (2FA) system setup process. With this update, users can now add a “second-step method” directly to their account, such as an authenticator app or hardware security key, instead of entering a phone number. This update simplifies the configuration process and enhances security by allowing users to use alternative verification options before activating the 2FA system.
Google’s two-step verification (2SV) system previously required users to add their phone number to verify account access by receiving an SMS code. However, with this latest update, users can now choose other verification methods like authenticator apps or hardware security keys from the get-go. Users are encouraged to use time-based, one-time password applications like Google Authenticator for enhanced security.
Hardware security keys provide an additional layer of protection for those who prefer more secure authentication methods than SMS messages. Google offers two options for adding these keys: registering a FIDO1 credential or a FIDO2 credential in the ‘Access keys and security keys’ page based on industry standards that assess the security and interoperability of authentication solutions.
Google has assured users that their authentication data won’t be automatically deleted if they choose to disable two-step verification. The update is being rolled out gradually for all Google Workspace customers and personal Google account users.
Overall, this update aims to enhance security and simplify the authentication process for Google users by providing more options for securing accounts and accessing them securely, reducing reliance on less secure methods like SMS verification.
