Google is going to automatically enroll 150 million users and two million YouTube creators into using two-factor authentication for their accounts by the end of the year, it announced on Tuesday.
Passwords aren’t good enough on their own, Google’s AbdelKarim Mardini, group product manager working on Chrome, and Guemmy Kim, director at the Account Security and Safety team, explained on Tuesday. These passphrases are often simple and can be easily guessed, or stolen and shared.
Two-factor authentication provides an extra layer of security by, say, requiring a one-time code to complete your login – this code could be generated by an app on your phone or emailed to you – or a hardware key you insert into your computer. The idea being that if someone learns of or guesses your password, they also need to get something else off you, like your unlocked phone or hardware key.