Two-step sign-in to strengthen Gmail security
Google is offering two-level authentication to counter the threat of passwords being cracked.
It will make a two-step phone-based verification process available to all consumers who want to upgrade, and would apply to services such as Gmail.
“Two-step verification requires two independent factors for authentication, much like you might see on your banking website: your password, plus a code obtained using your phone,” security product manager Nishit Shah said on the Google blog.
“It’s an extra step, but it’s one that significantly improves the security of your Google Account because it requires the powerful combination of both something you know — your username and password — and something that only you should have — your phone.”
The service was actually launched last year, but until now has only been available to customers using Google’s paid-for Apps.
Under the opt-in service, users would register a mobile phone with the company. Each time they logged in with a password, Google would send a code to the handset. Only once subcribers input the code could they access the account.
Consumers could also generate codes themselves using a mobile application on Android, BlackBerry or iPhone devices.
Google said users will be able to sign up to the two-step security system in the next few days. The initial sign-up process could take up to 15 minutes and would include various options for second phones and back-up codes in case users lose their primary phone.