The Google logo is shown on a screen during a keynote address at the Consumer Electronics Show on Jan. 5, 2017, in Las Vegas. (Photo by Ethan Miller/Getty Images)
Google announced in May a plan to automatically enroll millions of users in two-step verification by the end of 2021. On Tuesday, it released early results from the project: auto-enrolled accounts were half as likely to be compromised as unenrolled ones.
According to a new blog post from Guemmy Kim, director of account security and safety, Google has successfully auto-enrolled more than 150 million Google accounts and 2 million YouTube accounts — which is in line with keeping up with proposed goals announced in October.
"We don’t just plug security holes; we work to eliminate entire classes of threats for people who depend on our services," wrote Kim.
Kim believes that the dramatic decline in compromises of two-step verified accounts could be a valuable lesson to how to best manage accounts on any platform.
"This decrease speaks volumes to how effective having a second form of verification can be in protecting your data and personal information," he said.
Using two-step verification goes hand-in-hand with general security hygiene. Multi-factor authentication is offered as baseline security advice for everything from ransomware to nation-state attacks.
Joe is a senior reporter at SC Weekly, focused on policy issues. He previously covered cybersecurity for Axios, The Hill and the Christian Science Monitor’s short-lived Passcode website.
TechCrunch reports that the Office of the Privacy Commissioner of Canada and the UK's Information Commissioner's Office have partnered to conduct a joint probe into last year's massive data breach at 23andMe, which resulted in the compromise of sensitive information belonging to 6.9 million users.
BlackBerry-owned cybersecurity firm Cylance has confirmed having its data compromised as a result of a "third-party platform" breach following a post by the threat actor dubbed "Sp1d3r" peddling the exfiltrated information for $750,000, BleepingComputer reports.
Google announced in May a plan to automatically enroll millions of users in two-step verification by the end of 2021. On Tuesday, it released early results from the project: auto-enrolled accounts were half as likely to be compromised as unenrolled ones.
You can make 2-Step Verification optional or required for your users. We recommend enforcing 2-Step Verification for your administrator account and users who work with your most important business information.
With 2-Step Verification, also called two-factor authentication, you can add an extra layer of security to your account in case your password is stolen.
2SV enhances security by asking people to provide something beyond just their password—something that hackers or password thieves are unlikely to have.
If you lose your phone with Google Authenticator on it, you should erase your phone remotely and use an alternative method to sign into your accounts with 2FA set up until you can install Google Authenticator on a new phone.
To help protect your account and data, you must verify it's you when you complete sensitive actions. This is Google's approach to provide multi-layered security. Google uses this to help protect your account against damage that a hacker might cause.
Google Workspace admin accounts will now require two-step verification to access. Google has announced it will be enforcing two-step verification (2SV) for admin accounts across Google Workspace. For some users, the requirement is already being enforced, with others to follow.
Each verification code is unique to your business and the location you provided. If you update your business address, only the code requested for your current address works. Verification codes expire after 30 days.
You should set up 2-step verification because doing so makes it very hard for anyone to take over your email account remotely. Without setting up 2-step verification, hackers could get into your account if they figured out your password.
Google uses this information to verify your identity, and to protect you and us from fraud and abuse. We store this data securely in your Google Account.
If you've lost access to your primary phone, you can verify it's you with: Another phone signed in to your Google Account. Another phone number you've added in the 2-Step Verification section of your Google Account.
Introduction: My name is Dan Stracke, I am a homely, gleaming, glamorous, inquisitive, homely, gorgeous, light person who loves writing and wants to share my knowledge and understanding with you.
We notice you're using an ad blocker
Without advertising income, we can't keep making this site awesome for you.