:quality(75)/cloudfront-us-east-1.images.arcpublishing.com/elcomercio/HFMOZ5M6YRDDFLULMC4J6WV5ZE.jpg)
Google has recently updated its two-factor authentication (2FA) system to allow users to add a “second-step method” directly to their account, such as an authenticator app or hardware security key. This update offers users more secure options for verifying their account access and reduces the reliance on less secure methods like SMS verification.
Until now, Google’s two-step verification system required users to enter their phone number and receive an SMS code to verify account access. However, with this latest update, users can choose from alternative verification options like passkeys or 2FA without going through the SMS verification step first.
Google states that this update simplifies the configuration process and allows users to directly use alternative verification options before activating the two-step verification system. This is especially beneficial for those who prefer authentication methods that may be more secure than SMS messages, which can potentially be intercepted.
Users will now have the option to choose other verification methods, such as authenticator apps or hardware security keys, from the get-go. Google recommends using time-based, one-time password applications like Google Authenticator for enhanced security.
For those interested in using hardware security keys, Google provides two options to add them to the account within the ‘Access keys and security keys’ page. Users can register a FIDO1 credential or a FIDO2 credential in these keys, based on industry standards that assess the security and interoperability of authentication solutions.
Google has assured users that their authentication data won’t be automatically deleted if they choose to disable two-step verification. The update is being rolled out for all Google Workspace customers and users with personal Google accounts gradually.
In conclusion, this update aims to enhance security and streamline the authentication process for Google users by offering more options for securing accounts and accessing them securely, reducing reliance on less secure methods like SMS verification.
