Less than 10% of Gmail Users have Two-Factor Authentication Enabled

Less than 10% of Gmail Users have Two-Factor Authentication Enabled

If you don’t utilize Gmail’s two-factor verification, you’re not alone. At the Usenix Enigma 2018 security gathering this week, Google software engineer, Grzegorz Milka uncovered that more than 90 percent of active Gmail clients haven’t employed two-factor authentication on their accounts, and that 10 percent of the individuals who have enabled it is having issues making sense of how to utilize the SMS validation codes sent to their phones.

Two-Factor Authentication

The Register asked Milka why Google didn’t just make two-factor mandatory across all accounts, and the response was telling. “The answer is usability,” he replied. “It’s about how many people would we drive out if we force them to use additional security.”

Further Reading: 7 Ways I.T Admins Can Secure Accounts Against Phishing in G Suite

Two-factor authentication, or 2FA, is the protocol that includes an additional layer of authentication to the login procedure. When 2FA is enabled on an online service and you enter your username and passkey, you are prompted for an extra piece of information before you are permitted to sign in – normally an arbitrarily created series of letters and numbers sent through a text message or an application such as Google Authenticator. Other forms of 2FA require special hardware code (usually in the form of a USB keyfob such as Yubico’s Yubikey) certified by the FIDO Alliance, the industry consortium entrusted with creating interoperable security principles.

In October, a new method was introduced for the 2FA that replaced SMS with “Google Prompt“, a confirmation screen incorporated with Google Play services on Android and Google’s application on iOS. It doesn’t expect you to enter a passphrase, rather utilizing inference like the geographical location of your phone and the time of day checking your identity. The company also launched a new service, Advanced Protection Program, requiring high-level accounts for the use of security devices USB 2FA hardware instead of Google prompt or SMS.

Descasio Limited can help you determine the right set up to meet your specific business needs. Contact us to support your business anytime!

* Your Email address is secured and private.
0 7
Ikechukwu Onu
Ikechukwu Onu is a content creator at Descasio Blog, and he aspires to put in the most complicated cloud computing technological concepts in the simplest words and phrases possible. He serves as Digital Marketing Associate for Descasio Limited. When he isn’t designing or writing killer content, you’ll find him answering tech support questions from friends and family, going out for outreach, hang out with friends, or eating my snacks while watching Netflix.

Leave a Reply

Your email address will not be published. Required fields are marked *