Google will soon make two-factor authentication mandatory

2FA
(Image credit: Google)

In order to commemorate this year's World Password Day, Google has announced that it will soon start automatically requiring two-factor authentication (2FA) for user accounts.

According to a new blog post from the search giant, passwords are the single biggest threat to your online security as they are easy to steal, hard to remember and managing them can be tedious. While many users try to come up with long and complicated passwords, this can also put their security at risk as they are more likely to reuse the same password across multiple online accounts. If one account is compromised, all of their accounts are then vulnerable.

This is why many users have begun to rely on password generators to create strong, complex passwords and password managers to store them securely online. Most modern browsers, including Google Chrome, have password managers built in but if you're looking for additional security, you can always sign up for a paid service such as LastPass.

Google's password manager is entirely free to use and one of the best things about it is the fact that its integrated into the company's single-click Security Checkup which can tell you if any of your passwords have been compromised or involved in a data breach.

Two-step verification

One of the best ways to protect your online accounts is to have a second form of verification in place as this allows them to confirm that it is really you trying to log in. 

Google has been doing this for years by asking users to enroll in two-step verification (2SV) to confirm it's really them by tapping on a prompt on their smartphone whenever they sign in. However, soon the company will begin automatically enrolling users in 2SV if their accounts are properly configured.

At the same time though, Google is also building advanced security technologies into devices to make its multi-factor authentication seamless and even more secure than a password. For instance, the company has build security keys directly into Android devices and brought its Google Smart Lock app to iOS to allow users to use their phones as a secondary form of authentication.

Director of product management, identity and user security at Google, Mark Risher explained in a blog post that until we move to a passwordless future, the company will continue its work to keep its users' passwords safe, saying:

“One day, we hope stolen passwords will be a thing of the past, because passwords will be a thing of the past, but until then Google will continue to keep you and your passwords safe.”

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.