Google Says Using Two-Factor Authentication Reduces Account Hacks 50 Percent

Google Says Using Two-Factor Authentication Reduces Account Hacks 50 Percent

Anyone with a Google account can confirm the big G takes password security seriously. The number of account security features added in the past few years is staggering, and a change made last year is having a particularly strong impact. According to Google, accounts on which it has required two-factor authentication have only half as many hacks as those protected with just a password by itself.

Two-factor authentication, or “two-step verification” (2SV) as Google calls it, requires the user to have a second login credential in addition to their password. That can be a one-time code delivered by SMS or a code generator app, or a simple push alert on your secured smartphone. You can also use physical authenticator keys that plug into your device. With 2SV enabled, even someone who knows your password can’t get into your account unless they also have your authenticator in hand.

The problem is that most people don’t go to the trouble of enabling 2SV on their accounts. That’s why Google said late last year it would start requiring people to turn on 2SV. It went on to make that the default for 150 million Google accounts, plus another 2 million YouTube creator accounts. Google has posted an update on its security measures in recognition of Safer Internet Day (February 8th), noting that account hacks dropped by 50 percent in the group Google enrolled in 2SV.

Google Says Using Two-Factor Authentication Reduces Account Hacks 50 Percent

Google tries to make 2SV as easy as possible, and it showed even before this campaign to enroll more users. As of last year, only 10 percent of Google accounts used two-factor, but that’s more than twice as high as Facebook’s numbers and four times higher than Twitter’s. Google supports code generator apps, USB keys, and push notifications. For most people, the phone notifications will be the method they use most. When you try to log in from a new device, Google will push a simple verification alert to your phone. Tap to verify it’s you, and the login will proceed.

We probably all know someone who’s gotten an important account hacked, and the fallout can be devastating. There’s the frustration of losing access to your data, but the hacker might attempt to use that data to steal money or impersonate you on other sites. Your entire digital footprint can be disrupted by a single password hack, and Google says turning on 2SV makes that only half as likely. That should be an easy call if you’re not already using two-factor. However, stick with reputable two factor apps and not one with hidden malware.

Continue reading

Few Gmail Users Enable Two-Factor Authentication
Few Gmail Users Enable Two-Factor Authentication

Data from a Google engineer shows that just 10 percent of users have enabled two-factor authentication, with only slightly more deploying a password manager. Security advocates hate him.

This Tool Can Hack Your Accounts Even with Two-Factor Authentication
This Tool Can Hack Your Accounts Even with Two-Factor Authentication

Famed hacker Kevin Mitnick shows how even this security measure can't completely protect your data if you don't remain constantly vigilant.

Hackers Use Phishing Emails to Harvest Two-Factor Gmail Codes
Hackers Use Phishing Emails to Harvest Two-Factor Gmail Codes

Conventional wisdom says that adding two-factor authentication (2FA) will keep your accounts safe from most phishing scams, but a new wave of sophisticated automated attacks is reminding us it isn't infallible.