Gmail two-step verification: Less than 10% of Google users have its most important security feature enabled
It makes it harder for people to break into your account, even if they have your login details
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.One of Gmail’s most effective security features is hardly used by anyone, Google has revealed.
Two-factor authentication (2FA) has been enabled on less than 10 per cent of active Google accounts, the company says.
The feature is designed to make it much harder for people to break into your account, even if they have your email address and password.
With 2FA enabled, you’ll be required to enter an authentication code in addition to your login details.
As Google puts it: “You sign in with something you know (your password) and something you have (a code sent to your phone).”
You can turn it on by clicking this link and following Google’s step-by-step instructions.
“Codes are uniquely crafted for your account when you need them,” says Google.
“If you choose to use verification codes, they will be sent to your phone via text, voice call, or our mobile app. Each code can only be used once.”
Asked why 2FA isn’t mandatory on all accounts, Google software engineer Grzegorz Milka said the company fears the feature could turn users off.
“The answer is usability,” he told The Register. “It’s about how many people would we drive out if we force them to use additional security.”
Google lets you choose not to use two-step verification on a particular computer. When you sign into your Gmail account on that computer, it will only ask for your email address and password.
On other computers, two-step verification will be required.
The company recently revealed the biggest risks to users of Google services.
In the space of 12 months, it found 788,000 login credentials stolen via keyloggers (tools that secretly record every key you press), 12 million stolen via phishing (a method of tricking you into giving up your personal information), and 3.3 billion exposed by third-party data breaches.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments