With security breaches becoming common these days for many online services, you cannot just depend on the so-called password protection anymore. The instances of leaked usernames and passwords are not scarce anymore. But for a long time, the concept and practice of two-step verification did not get a massive applause just because of the harassment and time constraints involved. But two-step verification nevertheless is effective in adding an additional security layer making it more difficult for malicious attackers breaking into the accounts.
Verification is an obvious requirement and it must be stronger to protect our privacy and data security on the web. But, what are the drawbacks of making verification stronger by introducing two steps? Well, to talk from a user point of view it is often perceived as a time taking procedure almost comparable to a harassment. While generally you only need to type in the username and password, two-step verification will need you pull out the phone from your pocket or purse, unlock the device and then retrieve the verification code sent to your message inbox. While you enjoy a fairly robust security thanks to this process, it is inexpressibly annoying to go through such procedure.
Google keeping conformity with the emerging need for tighter security for its online services and also the need of addressing the user concerns in terms of ease, rolled out a two-step verification prompt for all its online services. Actually, the new Google prompt is just a single-click affair requiring no extra time for the users. While the effectiveness of two-factor authentication for online accounts and services is hard to resist, the perceived hassle contributed to the avoidance setting up such authentication by a large number of users. The new prompt from Google is designed to reduce that irritation to the minimum.
How does it work?
Google has primarily rolled out the feature for all Google apps and gradually for all users over Android and iOS platforms. The new feature allows users log into different Google apps including Gmail, Calendar, Maps, etc. by authenticating only with binary choices of yes or no. Moreover, by just approving sign-in request over a prompt you can access the service instead of confirming through email or text.
Let us explain the process with some lively examples. If you are login into Google Drive from your desktop, a notification message appearing on your mobile device will check whether you are the person responsible for accessing the service from another desktop. Just by tapping on "Yes, allow sign-in" option you give permission for the access and by tapping on the "No, deny sign-in" option you deny the access from another device. This is so simple that you do not need to verify the user authentication by typing any verification code consisting of number, letter, or character.
Does it sound good and hassle free? Do you want to activate it? Well, all you need to do for activating this feature is to visit the ‘Sign-in Security’ option within ‘Signing in to Google’ section of the My Account page and then enable 2-step verification.
Besides the alerts sent to the mobile device used by the Google service user, this feature also offers the regular two-factor authentication through Security Keys and you need to insert this code into the USB port of your computer when Google asks you during the setup process. Though, until now any of the two security features works at a given time, either the new prompt or the security key.
Implementations and Conditions
The new Google prompt can be turned on in Android simply by using Google Play Services and all that users need is to update the Android to the latest available version. On the other hand, iOS users require installing the Google Search app on their iPhone, iPad or Macbook to use the feature.