The company claims that users with two-factor authentication (2FA) see a decrease in account breaches by 50%.
Combating the ever-growing risk of a compromised account, last year, Google started auto-enroll millions of its users to use 2FA, or two-step verification as Google calls the security measure.
There’s plenty of reason for the mass use of 2FA. Last October, Google’s anti-hacker team warned 14,000 Gmail users about a phishing campaign carried out by Fancy Bear, a Russian government hacking group.
The company expanded the 2FA program to include additional steps users need to access their accounts. 150 million Google users and 2 million YouTube creators had 2FA auto-enabled.
“As a result of this effort, we have seen a 50% decrease in accounts being compromised among those users,” Guemmy Kim, Google’s Account Security, and Safety director, said in a blog post.
The company also states it aims to reduce reliance on passwords, adopting security keys. At the same time, user passwords can be stolen and sold in batches of millions. It’s much more challenging to collect the same amount of security keys without anyone noticing.
2FA and multi-factor authentication (MFA) dramatically reduce the risk of a successful phishing attack since obtaining a victim’s password is no longer enough.
A 2019 study by Google showed that adding a recovery phone number to Google Account can block up to 100% of automated bots, 99% of bulk phishing attacks, and 66% of targeted attacks that occurred during our investigation.
Meanwhile, Microsoft claims that MFA can increase the level of security by a staggering 99%.
According to the Cybersecurity and Infrastructure Agency (CISA), MFA increases security because if one authenticator is compromised, unauthorized users will not meet the second authentication requirement.
More from CyberNews:
Subscribe to our newsletter