Google immediately rolled out security updates on the Android operating system, by adding two-step verification (2SV). The beta version of the security update has been released.
“Two-step verification will make it difficult for attackers to gain access to user accounts as long as the user adds one more step in the sign-in, “Arnar Birgisson, software engineer and product manager at Google, said on the internet giant’s official blog.
This additional security layer makes Android users’ accounts and data safer because unknown sign-in attempts will be automatically blocked. In fact, if the attacker already knows the username or password of the victim.
Birgisson said, all forms of 2SV, such as text message codes (SMS) and notifications, indeed enhance user security. However, sophisticated attackers could still cope with the use fake website page (phishing) to steal personal user data, especially a username and password.
We consider security keys based on FIDO standards, like our Titan Security Key, to be the strongest, most phishing-resistant method of 2SV on the market today. These physical security keys protect your account from phishers by requiring you to tap your key during suspicious or unrecognized sign-in attempts.
To use the account’s new security features, Google asks users to add new verification via a physical button on the smartphone, such as a volume button or another.
Google believes that additional verification with a secret key, in the form of a physical button on the smartphone, will increase the security of the user’s account from cyber attacks. Attackers need more difficult efforts to break into user accounts.
The new security feature has been released by Google even though it is still in beta and can be run on Android 7.0 Nougat and above.
Google recommends that users use 2SV to protect both Google accounts and Google Cloud accounts at work.
The US internet giant also recommends the use of 2SV security for people in Google’s Advanced Protection Program, such as journalists, activists, business leaders and political campaign teams who are most at risk of being targeted by cyber attacks.
