SoylentNews is people
SoylentNews
In honor of Cybersecurity Awareness Month, Google said it wanted to make sure their products are secure "by default."
Google announced on Tuesday that it will be auto-enrolling 150 million of their users in two-step verification by the end of 2021. The platform will also force two million YouTube creators to turn on two-step verification by the end of the year as well.
In a blog post, Google Chrome product Manager AbdelKarim Mardini and Google account security and safety director Guemmy Kim said the best way to keep users safe is to turn on security protections by default.
"For years, Google has been at the forefront of innovation in two-step verification (2SV), one of the most reliable ways to prevent unauthorized access to accounts and networks. 2SV is strongest when it combines both 'something you know' (like a password) and 'something you have' (like your phone or a security key)," the two explained.
"2SV has been core to Google's own security practices and today we make it seamless for our users with a Google prompt, which requires a simple tap on your mobile device to prove it's really you trying to sign in. And because we know the best way to keep our users safe is to turn on our security protections by default, we have started to automatically configure our users' accounts into a more secure state."
In addition to requiring 2SV -- also known as two-factor authentication -- Google said it checks the security of 1 billion passwords and works to protect Google's Password Manager, which is built directly into Chrome, Android and the Google App.
(Score: 2) by maxwell demon on Thursday October 07 2021, @08:24AM
No. I don't have an account at Google, and I can live quite fine with that. I don't have a Facebook account, Instagram account, Tiktok account or Twitter account either. And still, I don't feel the need to kill myself.
I do have an email account, which I got when gmail didn't even yet exist. Maybe gmail does have a better web interface; I don't know and I don't care since I rarely use the web interface anyway. That email account is completely unrelated to Google, and I don't expect to need a smartphone for that.
For a while, my bank exclusively used SMS for online authentication; that obviously needed a phone, but not a smartphone. Now I could authenticate with a smartphone, but I can also authenticate with a dedicated device. And I'd continue using that device even if I had a smartphone, as I feel much safer that way (for a start, I'm not normally carrying that device with me, so there's little chance of losing it or anyone stealing it; also since you can't install apps on it, or use it for anything but authentication, I expect it to be far less hackable).
I am thinking about finally getting a smartphone, but that's basically because real-life processes are increasingly designed under the assumption that everyone has one. I'll probably need an account for that; but then, if I need the account only for the smartphone, it's not really a problem if I need the smartphone in order to access it.
The Tao of math: The numbers you can count are not the real numbers.