Google Auto-Enrolling Users With Two-factor Authentication

Two-factor authenticaion keyboard key

With ransomware attacks on the rise, cybersecurity has been a top priority for businesses. Tech companies like Microsoft and Google are ramping up their security features, while organizations are taking steps to improve security at the employee level in an effort to reduce the risk of an attack.

Passwords are the weakest link when it comes to data security. However, solutions such as two-factor (or multi-factor) authentication provide users with an added layer of protection. Google recently announced they plan to auto-enroll millions of accounts into two-factor authentication. Here’s what that means for you and your organization.

What Is Two-Factor Authentication?

Two-factor authentication, as the name implies, requires two separate authentication methods in order for a user to log into their account. In most cases, once a user enters their password, a secure code is sent to their email or cell phone. They must then enter this code in order to finalize their login.

SIM Swapping: A New Hacking Method

Although two-factor authentication provides users with an effective means of securing their accounts, it is not foolproof. Every time new security measures are put in place, hackers begin looking for ways to get around them. SIM swap attacks (also called “port-out attacks” or “simjacking”) have become more common, with hackers gaining access to a user’s phone number and intercepting the two-factor authentication code.

Although data on the frequency or severity of SIM swap attacks is relatively limited, the CRTC reported nearly 25,000 cases of phone number fraud between August 2019 and May 2020. Keep an eye on your phone—a sudden, unexplained loss of service could indicate that you are being targeted in a SIM swap attack.

What’s Next for Google?

Despite the risk of SIM swap attacks, two-factor authentication remains one of the most effective ways to reduce the risk of unauthorized logins on your accounts. That’s why Google is planning to auto-enroll at least 150 million Google users and 2 million YouTube users into two-factor authentication before the end of 2021. New improvements are also being made to Chrome’s password manager.

If you’re concerned about your account, Google is also providing additional security measures. Android phones have built-in security keys, while iPhone users can download the Google Smart Lock app. This effectively turns your smartphone into a physical security key, providing an alternative to SMS-based two-factor authentication codes.

Don’t want to wait until you’re automatically enrolled? Two-factor authentication is currently available to all Google users. Go to and click on ‘Security.’ Scroll down to where it says ‘Signing In to Google’ and click ‘2-Step Verification.’ Then, just follow the prompts to set it up!

The “IT Guardian Angels” at BSC Solutions Group are committed to providing small- and medium-sized organizations with the cybersecurity solutions they need. We’re here to help you stay protected and reduce the risk of a ransomware or other cyber attack. Visit our website to learn more, or give us a call at 1(800)-958-2341 for a free consultation today!