Activating two-step verification by default affected 150 million Google users and 2 million YouTube creators. Moreover, a 50% decrease in accounts being compromised could be a significant achievement for Google’s security team. Google has announced this in a blog post to homage Safer Internet Day on February 8th. Google says the successful implementation of the project could demonstrate the company’s strength in securing user accounts by default. By the same token, it can pave the way for a future without passwords.
Google increases security with two-step verification (2SV)
Users could also enable 2SV before it comes by default. However, many users were negligent in inactivating it. This negligence led Google to make 2SV mandatory for all users. Activating two-step verification is Google’s primary strategy to increase account security. This way, users would need a security key or phone to receive codes via app or SMS to enter their accounts, plus the regular password. The adoption of 2SV has always been a problem for Google. In 2018, a Google engineer said that 90 percent of active Gmail accounts were not using two-factor authentication. Now, the company is striving to make it mandatory for all users.. In addition to adoption, the lack of understanding and awareness about the benefits of 2SV led users not to activate it for their accounts. Gummy Kim, director of account security and safety at Google, says that “there is a lot of educating that needs to happen with 2SV, and we want users to understand what it is and why it’s beneficial.” Two-step verification is not a new security measure, and many social platforms have been using it for almost a decade. Twitter rolled out 2SV in 2013, but the company says that only 2.3 percent of its active users have enabled 2SV for their accounts. The adoption of 2SV for Facebook was around 4 percent in 2021. “We also need to make sure that users’ accounts are set up correctly with a recovery email and phone number so they can avoid account lockouts once 2SV is enforced. We’ve already enrolled users that we deem to be early adopters and whose accounts were 2SV ready,” Kim added.