Google is making it easier to set up two-factor authentication (2FA), also known as two-step verification (2SV), so users can easily and securely protect their accounts.
The new and improved process allows users to start setting up two-factor authentication (2FA) by selecting a direct security method, such as an authenticator app or a hardware security key.
In the past, setting up two-factor authentication required you to provide your phone number before adding an authenticator app.
SMS verification codes are an evolution of one-time password logins, although they are less secure than other two-factor authentication methods due to potential vulnerabilities.
With the update from Google, phone number verification is no longer a required step when setting up two-factor authentication.
Users can select a timecode generated by an authentication app (such as Google Authenticator) or follow the steps below to bind a device security key.
Google offers two ways to bind hardware security keys, and users can choose to store FIDO1 data about their keys or assign a key to a key.
If you have a Workspace account linked to an organization and want to use a key, you must also sign in with a password based on the specific settings created by the linked organization.
Google has also changed the way it works to disable two-factor authentication. Previously, disabling two-factor authentication meant removing all associated security measures such as backup codes, links to authentication apps, and automatically assigned phone numbers.
These associated security measures will now remain in effect even after two-factor authentication is deactivated.
Google is rolling out these updates to Google Workspace subscribers and users with personal Google accounts.
Since Google started letting users generate keys last year, more than 400 million accounts have started using it.