If you have been using a Google account to log into all the websites that allow it for convenience, you will soon have to go through two-factor authentication. This is going to be done by Google with millions of accounts and is going to be imposing it for security reasons.
Google announced earlier this year that it plans to force a forced transition of millions of its users to two-factor authentication (2FA). The process has begun, so you may have received a notice that Google will soon ask you for two-factor authentication at the time of any login you do using your account.
Google asks for two factors and there is no discussion
Two-factor authentication, which Google calls “two-step verification” or “2SV,” requires you to use something other than your password and email to log in to an account. That second factor can be a code from a two-step authentication app, a confirmation message from a smartphone, or a physical security key, such as a USB flash drive. Simply put, a username and password will no longer be good enough to secure a user’s identity.
Google's support page details the self-enrollment process. Accounts that have been marked for 2FA will receive an email or notification about seven days before the requirement applies. Organizations with paid Google Workspace accounts will not be required to participate in 2FA as it will be up to the administrators to decide. Google added that only self-registering Google accounts have the proper backup mechanisms to make a smooth transition to 2SV, with those requirements being a recovery phone number that can receive codes via SMS or secondary recovery email.
What two-factor authentication or verification methods do we have on our mobile devices? For Google accounts, a valid 2FA method is built into every Android phone through the “Google Prompt” feature in Google Play Services, which displays a simple “yes” or “no” message when you log in on a new device. On iOS, the Google Search app, the Gmail app, or the dedicated Google Smart Lock app can receive Google Prompt requests for your account. You can also use 2FA codes through the Google Authenticator app, some third-party 2FA apps, or receive SMS, which require you to enter the security code sent to you. A security key that detects your biometric data is also an option.
Source: ArsTechnica
