Google today announced the launch of Two-step Verification. Currently only available for Google Apps Premier, Education, and Government Editions of Google accounts, but being opened up to everyone over the coming months it add an extra layer of security. Instead of entering your user name and password to get into an account, with Two-step Verification you’ll then need to enter a generated code sent to your phone or from a special mobile app.
This means hacking accounts should be much more difficult, as you’ll need both your password and mobile phone. Of course, this means entrusting the search giant with even more of your personal data, but as more people want to use Google’s App suite professionally it adds a welcome layer of security.
From Google’s blog post’s description it sounds like two-step verification has been very well designed, but how long before that’s no longer enough? With more and more services insisting already that your password must be eight characters and contain a mix of letters and numbers, why not go for three layers of security? Are we seeing the beginnings of a Gillette razor-style escalation?
Security is important online, but users should be safe as long as they follow basic security guidelines, as Elena showed us earlier in the year.
