For World Password Day, May 6, Google has marked the occasion. On its blog, the company announced that it’s hitherto optional two-factor authentication system (2FA) would soon apply automatically.
Google against the invincible “123456”
Commenting on the rankings of the most used passwords has become a habit for several years. Each year, it is always the same 123456 who seems to be the indestructible champion. Every year the same question arises, that of the lack of awareness of the risks.
Yet web users seem to pay more and more attention to their precious sesame. The number of searches “how strong is my password?” Increased by 300% in 2020 on Google. The health context and the massification of teleworking which resulted from it are not innocent in this awareness.
Yet, as Google explains in its blog post, a longer and more complex password can, paradoxically, be riskier: hard to remember, users use them everywhere. Automatically, the consequences of a compromise are multiplied.
It is for these reasons that Mountain View expects soon; they have brought no date forward, to make the double-factor authentication automatic. The principle is simple: the user identifies himself, then receives a message on his smartphone or an emergency e-mail address asking him to confirm that it is indeed him. A much more secure system than simple identification .
Password obsolete soon?
The loopholes in the password have been known for a long time. Digital companies have been looking for a way to secure this system for several years. In 2019, Google already launched Password Checkup to check if it has compromised its password. More and more service is looking into the possibility of authenticating without a password. While waiting for the new easy-to-use and efficient security protocol, moving to two-factor authentication will be a good start.