Google Simplifies 2-Step Verification Process With iOS Search App Prompt

[MacRumors]

Google is making the two-factor authentication process to log into a user account a simpler affair by integrating it into the company's iOS search app.

Two-factor authentication adds an extra layer of security to users' Google Apps accounts by requiring them to enter a verification code in addition to their username and password when signing into their account. The two-step verification process prevents unauthorized access if someone obtains a user password.

Previously, users had to opt to receive a text message or phone call to get an authentication code, or alternatively use the Google Authenticator mobile app, which generates time-limited numerical codes that users needed to enter into their account log-in page.

The change, which is being rolled out from today, means that when a user tries to sign into a Google account with two-step verification enabled, a notification from the Google search app now asks if they are trying to sign in. A simple tap on the option "Yes, allow sign-in" quickly authenticates the account.

To enable two-factor authentication, users need to sign into Google's My Account section and select Google prompt under Sign-in & Security -> Signing in to Google -> 2-Step Verification.

Google notes that the option requires a data connection to work, and that it may take up to three days for the feature to appear across all account pages.

The Google app is a free download for iPhone and iPad available on the App Store. [Direct Link]

Article Link: Google Simplifies 2-Step Verification Process With iOS Search App Prompt

 

[Kajje]

Thanks Google to open your system for simple people who have the needs to simplify a simple task. I had to re-read this article several times to actually understand what my initial problem would have been.

Either this was a non-issue fixed by Google, MR did a terrible job to word it, or I indeed am part of the simple people group.

 

[brilliantthings]

Can't find any notification settings for the Google app. Wonder how these alerts are going to work.

 

[cerote]

Odd. Blizzard just did something similar with their authenticate yesterday.

Basically instead of code to put in it just asks if you are trying to sign in somewhere and you hit accept and it will let it sign in.

 

[cameronjpu]

Very smart. When traveling internationally many people have no way to receive a text or a call.

 

[paulskinner]

This was launched yesterday, not today. And I stumbled upon it completely by accident and enabled it everywhere without even realising it was a new feature. Damn handy though.

 

[balamw]

I don't get the incompatibility with Google Authenticator. Would have been better if they had used Authenticator as the app providing the notifications and that you should be able to use Authenticator codes to log in if your device doesn't have data.

Duo Security is still my favorite 2FA solution because of the fall backs. Push notification -> Authenticator code -> phone call or text -> printed backup codes.

B

 

[Zimmie]

Two-step verification and two-factor authentication are subtly different things. This is not two-factor authentication, and it is dangerous to conflate them.

 

[l00pback]

Two-step verification and two-factor authentication are subtly different things. This is not two-factor authentication, and it is dangerous to conflate them.

Would you please elaborate?

 

[cloudyo]

I prefer the generation of one-time codes on a device. Using 1Password i can generate the one-time codes on every device that has 1Password installed.

That way i'm not locked out of my Google Account if i lose my phone.

 

[Telos101]

Two-step verification and two-factor authentication are subtly different things. This is not two-factor authentication, and it is dangerous to conflate them.

To be fair, Google also uses the two terms interchangeably.

https://support.google.com/accounts/answer/185839?hl=en

 

[Fiestaman]

I prefer the generation of one-time codes on a device. Using 1Password i can generate the one-time codes on every device that has 1Password installed.

That way i'm not locked out of my Google Account if i lose my phone.

That's how I manage my OTPs also, and I couple it with being able to add them to my Apple Watch. Easy access to OTPs on my wrist, phone, and all of my computers. I only wish that 1Password recognized the page was asking for the OTP and filled it in for me instead of having to copy-paste or manually enter it.

EDIT: Is anyone able to clarify whether this wipes out the Authenticator app option? It appears to still be enabled on all of my accounts, but I'm wondering if those are grandfathered. So, if for some reason I need to either reset it or add it to a new account, will the Authenticator app option no longer be available. I don't want to disable it just to find out it is indeed no longer an option.

 

[brilliantthings]

Can't find any notification settings for the Google app. Wonder how these alerts are going to work.

Update:
Google app adds notification settings once you've signed up.

 

[widEyed]

That's how I manage my OTPs also, and I couple it with being able to add them to my Apple Watch. Easy access to OTPs on my wrist, phone, and all of my computers. I only wish that 1Password recognized the page was asking for the OTP and filled it in for me instead of having to copy-paste or manually enter it.

EDIT: Is anyone able to clarify whether this wipes out the Authenticator app option? It appears to still be enabled on all of my accounts, but I'm wondering if those are grandfathered. So, if for some reason I need to either reset it or add it to a new account, will the Authenticator app option no longer be available. I don't want to disable it just to find out it is indeed no longer an option.

Any chance you could post links for instructions for setting up 2-step authentication for Google accounts? I have an email account with an org using Google for their email and they forced 2-step onto us but I don't want to give the Big Google my phone number.

I do use 1Password but I just can't get any info online (including Google documentation for 2-step authority which is scant and hopeless if you click LEARN MORE on the login page) to help me set this up. I can't even log into the account in question on my second MBP, on the first their admin had to send me some temporary single-use numeric string passwords. Waiting for him to send more but I'd rather by-pass him (he's a volunteer) and just get it happening using their app or 1Password or something.

 

[Fiestaman]

Any chance you could post links for instructions for setting up 2-step authentication for Google accounts? I have an email account with an org using Google for their email and they forced 2-step onto us but I don't want to give the Big Google my phone number.

I do use 1Password but I just can't get any info online (including Google documentation for 2-step authority which is scant and hopeless if you click LEARN MORE on the login page) to help me set this up. I can't even log into the account in question on my second MBP, on the first their admin had to send me some temporary single-use numeric string passwords. Waiting for him to send more but I'd rather by-pass him (he's a volunteer) and just get it happening using their app or 1Password or something.

Sorry for the slow response. To set up two-factor with 1Password, go through the process of setting it up as if you were going to use Google Authenticator, but when it gives you either the QR code or the secret key to put into Google Authenticator, put it into 1Password instead. You'll want to create a new data field on the login card in question that you're setting up 2FA for at the time and choose One-Time Password or OTP as the type of data from the dropdown on the right. 1Password has a pretty easy walkthrough on their site. Here's the link.
https://support.1password.com/one-time-passwords/

 

[bozzykid]

EDIT: Is anyone able to clarify whether this wipes out the Authenticator app option?

Of course it doesn't. You can see your 2-Steps settings easily under your account sign in options. You can have multiple "2nd step" options. This option in the iOS app is no different than what they have done with Android for years. If you don't approve with the prompt, you have the option to enter your two factor code.