Google to start switching on two-factor authentication by default

Typing in a code or tapping on a prompt adds another level of security to your accounts.
Typing in a code or tapping on a prompt adds another level of security to your accounts. Photo credit: Getty Images

Google is going to start automatically switching on two-factor authentication for users if their accounts are "appropriately configured," the internet giant has announced.

On World Password Day in the US, it outlined its hopes of stolen passwords being consigned to the dustbin of history because passwords themselves will become obsolete - but in the meantime highlighted how having a second form of verification is one of the best ways to protect your account.

"You may not realize it, but passwords are the single biggest threat to your online security – they're easy to steal, they're hard to remember, and managing them is tedious," wrote Mark Risher, Director of Product Management, Identity and User Security at Google in a blog post.

"Many people believe that a password should be as long and complicated as possible – but in many cases, this can actually increase the security risk.

"Complicated passwords tempt users into using them for more than one account, which makes all those accounts vulnerable if any one falls."

Two-step verification means users have to confirm a login attempt by tapping on a prompt on their phone whenever you sign in or confirming a code sent by SMS. That means any prospective hacker would also need access to your mobile device before gaining access to your account.

Users can check the status of their Google accounts in Security Checkup and can do a wider breach check on specialist sites such as haveibeenpwned.com.