Google is implementing changes to streamline the process of setting up two-factor authentication (2FA) for its users.
Instead of the conventional method of entering a phone number to enable 2FA, users can now opt to add a "second step method" to their accounts, such as an authenticator app or a hardware security key, to facilitate the setup process.
Google announced this in a Google Workspace Update blog post on Monday.
This update aims to enhance the security of enabling 2FA by offering alternatives to less secure SMS verification.
Users have the option to input a time-based one-time passcode through apps like Google Authenticator or link a hardware security key, providing greater flexibility and choice in securing their accounts.
To link a security key, Google provides two options: registering a FIDO1 credential on the hardware key or assigning a passkey to it.
However, users with Workspace accounts associated with an organization may still need to sign in with a password, depending on their organization's settings.
The rollout of this change is being extended to all Workspace users and individuals with personal Google accounts.
Since Google introduced the ability for users to create passkeys last year, the company has witnessed over 400 million accounts adopting this additional security measure, reflecting a positive response from users to bolster their account security.
