Google is rolling out a primary update to its two-factor authentication (2FA) process. It is adding a new method to allow 2FA setup via using ‘second step methods’ such as Google Authenticator, or a hardware security key. At present, customers have to provide their cellphone wide variety earlier than being able to add an authenticator app.
In a Workspace replace weblog post, Google writes “We’re simplifying how users turn on 2-Step Verification (2SV), which will streamline the process, and make it less complicated for admins to put into effect 2SV policies in their organizations.”
What does this suggest for users?
With the new update, OTP-based verification does now not continue to be a mandatory step for setting up 2FA.
This means that users can both pick out a time-based code generated through an authenticator software or they can join a physical security key.
As per the weblog update, customers with hardware safety keys will have two preferences to add them to their account on the “Passkeys and safety keys” page.
They can either choose the ‘security key’ method to register a FIDO1 credential on the safety key. Alternatively, they can create a passkey and observe guidelines to ‘use another device’. This registers a FIDO2 credential on the security key, and will require users to use the key’s PIN for nearby verification.
Google says that customers will continue to be requested for their password alongside with their passkey if the admin policy for “Allow users to ignore passwords at sign-in via using passkeys” stays turned OFF. However if a user turns off the two-step verification from their account settings, their enrolled second steps such as backup codes, Google Authenticator, or 2d factor telephone will no longer be automatically removed from their account.