Google recently began moving people away from receiving two-step verification codes via SMS. Now, when you sign into your account you may receive an invite from Google to start receiving prompts via the Google app instead of codes through text messaging. The company is making this move because its new prompts are more secure than SMS. They also make the process of signing into your account quicker and easier.
WHAT IS TWO-STEP VERIFICATION?
Two-step verification adds a layer of security to your online accounts. Instead of entering just your password you need to enter your password and a verification code sent via SMS or a prompt via an authentication app. This means that a hacker would have to steal both your password and your phone to access your account.
Now, hackers have been able to trick carriers into porting a phone number into a new device, in a move known as a SIM swap. This means that a hacker does not even need your phone to gain your two-step verification codes. Also, if you sync messages with your laptop or tablet, you run the risk of exposing your codes to hackers if they steal the device.
Instead of two-step verification via SMS, Google suggests that you use apps like Google Authenticator, Microsoft Authenticator, or Authy. With these apps, your verification codes stay within the app even if a hacker manages to move your number to a new phone. Furthermore, codes expire quickly, usually after 30 seconds.
There’s also Google Prompt. This feature lets you receive codes without SMS or a separate authentication app. It is connected to Google Now on Android and the Google Search app for iOS.
DO YOU NEED TWO-STEP VERIFICATION IN THE FIRST PLACE?
Yes, you do. In addition to creating strong passwords and using different passwords for each of your accounts, setting up two-step verification is the best move you can make to secure your online accounts. Two-step verification is better than one-step verification, at the very least.