Summary
- Simplify 2FA setup for Workspace users by ditching phone number requirement.
- Enhance user security with new 2FA update, adding second-step methods.
- Improved security measures ensure user safety even when 2FA is turned off.
Enabling two-factor authentication (2FA) is the most recommended method by apps to enhance user’s security and block unauthorized access. You can now set up 2FA through an SMS verification code or using authenticator apps, such as Google Authenticator. While you traditionally need a phone number to set up 2FA, Google’s recent update is about to change this by ditching the phone number requirement — starting with Workspace users.
Protect your digital privacy on Android with a few simple steps
You don’t need to share all of your data with Google
As Google noted on its blog, the company aims to simplify the two-factor authentication setup for Workspace users and make it easier for admins to push members to activate 2FA. With the new update, users can now add “second-step methods” such as Google Authenticator or a hardware security key before activating 2FA. This way, users can receive a time-based one-time password through their authenticator app or other preferred methods.
Google won’t ask you to enter a phone number for setting up two-factor authentication
Additionally, users who rely on hardware security keys will have two options on the “Passkeys and security keys” page to connect their security keys. The first method is to register a FIDO1 credential on the security key, and the second method is to create a passkey. Google also notes that users might still need to enter their password and the passkey if admin settings obligate them to do so.
Google has introduced another significant enhancement to its two-factor authentication process, focusing on enhancing user security. When a registered 2FA user turns off the 2FA settings, their backup codes, Google Authenticator, or second-factor phone are no longer automatically removed from their account. This change provides an added layer of security, as before the update, if a user turned off 2FA, all their associated information was removed. This update ensures that even if 2FA is turned off, the user’s security measures remain intact, instilling a sense of safety in the audience.
It’s important to note that once an admin disables 2FA for a member through the Admin console or via the Admin SDK, all associated security measures will be removed as before, ensuring a comprehensive security system.
Google has started rolling out the update to both Workspace customers and users with personal Google accounts. You can now check your account to see if it is available to you.
Recognizing the constant security risks faced by Android users, Google is taking a proactive approach to enhancing the two-factor authentication process. This update is a welcome addition to the operating system, demonstrating Google’s commitment to user security. Android users often face security threats such as phishing attacks or unauthorized access to their accounts. With this update, Google is providing a more robust 2FA system, making it harder for attackers to breach your account. It’s anticipated that Google will further emphasize the importance of such security measures with the launch of Android 15.