Google Wants to Simplify Its 2-Step Verification Process By Using Phone Prompts

Exterminator

Level 85
Thread author
Verified
Top Poster
Well-known
Oct 23, 2012
12,527
After launching last week their new Backup and Sync app for Macs and Windows PCs, Google now announced that it wants to simplify and strengthen the 2-step verification process for users' accounts.

Starting this week, Google will send invitations to users who opted in for the 2-step verification method with SMS (Short Message Service) to try a new, simplified, and more secure Google prompt the next time they sign into their accounts. Instead of receiving an SMS, users can preview the new Google prompt sign in flow, which they can leave it enabled by default or return to the SMS-based one.

"Overall, this is being done because SMS text message verifications and one-time codes are more susceptible to phishing attempts by attackers," said Google. "By relying on account authentication instead of SMS, administrators can be sure that their mobile policies will be enforced on the device and authentication is happening through an encrypted connection."

Will work on both Android and iOS devices
Google says that it will send the invitations only to its 2-step verification SMS users, most probably is a gradual rollout during the next few days. Both Android and iOS devices are supported, though iOS users need to install the Google Search app from the App Store to be able to receive the new Google prompt.

Those who opted in for signing into their Google accounts with security keys are not affected by this change, nor enterprise edition domains, which can now enforce their security keys for better protection. Even if you opt out of using the new Google prompts, you'll still be asked to switch to it after six months, according to the blog announcement.

The new mobile promts will be available to all end users, as well as to all G Suite editions. Google revamped its 2-step verification process last time in February 2017, when it enabled encrypted connections by default for all sign-ins and allowed users to block unauthorized access to their accounts via real-time security information.





google-wants-to-simplify-its-2-step-verification-process-by-using-phone-prompts-517007-3.jpg
 

codswollip

Level 23
Content Creator
Well-known
Jan 29, 2017
1,201
My laptop browser is frequently "forgetting" its login (I suspect CCleaner), and my phone is seldom conveniently with me, so 2-step is a bit of an annoyance. There should be a way to authenticate from my IP, my hardware, or my wifi connection that would authenticate my username/password login.
 
  • Like
Reactions: NikolayfromRussia

NikolayfromRussia

Level 16
Verified
Top Poster
Jul 3, 2014
750
It's annoying for me to place a mobile number for verification during gmail sign up. I have about 25 different gmails created many years ago. I need too many gmails to get some keys from promos and other things. That time it was very easy to open a new gmail email but now it asks for a mobile. There is a good Russian service where I can get a virtual phone number for 20 minutes to receive a confirmation sms. It costs me about $0.05 (5 cents) to order a virtual number
 

Exterminator

Level 85
Thread author
Verified
Top Poster
Well-known
Oct 23, 2012
12,527
My laptop browser is frequently "forgetting" its login (I suspect CCleaner), and my phone is seldom conveniently with me, so 2-step is a bit of an annoyance. There should be a way to authenticate from my IP, my hardware, or my wifi connection that would authenticate my username/password login.
You can make exclusions for sites in CCleaner to prevent that from happening.
 

hirudora56

Level 1
Verified
May 16, 2017
25
I have been using this feature for a month now. And I must say it is really neat. Also no hassle of manually input of codes from SMS.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top