Google Offers Two-Factor Authentication Option

Thursday, February 10, 2011



Google announced the company is implementing an option for users to better secure accounts with two-factor authentication.

The system will use generated secure codes in addition to the regular username and password combination for account logins. reports the following:

"Starting Thursday all Google users can choose to turn on a so-called 'two-factor authentication' feature, which will require them to type in a special, short-lived  second password in addition to their normal password to get into their account. Users will be able to get the codes via SMS or a phone call, or use smart phone apps for Android, iPhone and Blackberry to generate the codes."

Security product manager Nifrak Shah said the new protocols will help protect accounts from unauthorized access by hackers and in the event of security breaches similar to the recent Gawker database exposures.

“We have seen instances where user accounts would have been compromised without this feature,” Shah stated.

The article warns that the feature is not necessarily quick to set up, and users should set aside a few minutes to enable the feature.

"That’s because users will have to navigate a few hurdles. For instance, users will be given the option to give out a backup phone number — either a landline or a trusted friend –, in case their phone is lost or broken. Additionally, programatic access to Google accounts, such as IMAP access to Gmail, won’t use the normal password and instead will have to be re-set with a special 16-character, randomly generated password."

The feature is currently only being made available to English speaking users, but versions for other languages should be issued in a matter of months.


Possibly Related Articles:
Network Access Control Privacy
Google Passwords Authentication Access Control Headlines Two-Factor
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.