IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Google will auto-enrol 150 million users in 2FA by end of 2021

An additional two million YouTube creators will also be required to switch it on the 2SV feature by the end of the year

Google has announced plans to automatically enrol an additional 150 million users in two-factor authentication (2FA) by the end of 2021.

Known as two-step verification (2SV), the security feature combines the use of a password with a mobile device or a security key in order to diminish the chances of unauthorised access to accounts and networks. For instance, users signing in to their Gmail account, particularly when using a new computer for the first time, are asked to tap a prompt on their smartphone to authorise the login.

In a blog post published on Tuesday, the tech giant stated that enabling security protections by default is “the best way to keep [their] users safe”, which is why it's moving to ensure that more accounts have the 2SV feature switched on:

“By the end of 2021, we plan to auto-enrol an additional 150 million Google users in 2SV,” it announced, adding that an additional two million YouTube creators will be required to turn the feature on by the end of the year.

The tech giant acknowledged that not everyone has access to a smartphone or a security key, noting that it is “working on technologies that provide a convenient, secure authentication experience and reduce the reliance on passwords in the long-term”.

“We know security keys provide the highest degree of sign-in security possible, that’s why we've partnered with organisations to provide free security keys to over 10,000 high-risk users this year,” it stated.

Google said that users will be able to benefit from built-in security key capabilities in Android phones as well as its Google Smart Lock app for iOS, adding that its 2SV technology is automatically supported by “two billion devices around the world”.

In a Twitter post, Google product manager Sriram Karra said that today’s announcement “is just the beginning”. 

“The 150m 2SV user count is staggering already if you look at it in the broader industry context. For e.g. Twitter recently announced ~2.5% of its ~350m active users have 2SV - that's ~9m user accounts,” he stated.

Related Resource

How to secure workloads in hybrid clouds

Cloud workload protection

Whitepaper front coverFree download

Companies across the tech industry have been working to strengthen account security and minimise users' reliance on passwords. In June, Twitter announced that its users would be able to use a security key as their only 2FA method, while in September, Corporate VP of Microsoft Security, Compliance and Identity, Vasu Jakkal, stated that customers “can now completely remove the password from [the] Microsoft account”.

However, 2FA has also been the target of cyber criminals. Earlier this week, Coinbase sent out letters to 6,000 customers informing them that hackers managed to exploit “a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor (2FA) authentication token”.

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Most Popular

Europe's first autonomous petrol station opens in Lisbon
automation

Europe's first autonomous petrol station opens in Lisbon

23 May 2022
Nvidia pauses hiring to help cope with inflation
Careers & training

Nvidia pauses hiring to help cope with inflation

23 May 2022
Open source packages with millions of installs hacked to harvest AWS credentials
hacking

Open source packages with millions of installs hacked to harvest AWS credentials

24 May 2022