When you’re in a rush to gain access to an account, the last thing you want to do is find another device to approve a sign-in request. Unfortunately for your time management but fortunately for your security, Google is making multi-factor authentication (MFA) a requirement for Cloud accounts moving into next year.
MFA Will Be Mandatory for Google Cloud Accounts
Announced this week on the Google Cloud blog, Google is starting to roll out mandatory MFA for Cloud accounts. In general, MFA can reduce the risk of cybercrime and data breaches. This update should thus help improve the security of the Google Cloud suite, often used by app developers and businesses.
If you use Google’s suite at work and are worried about sign-in headaches, Google promises to maintain a “smooth” experience:
“As pioneers in bringing multi-factor authentication (MFA) to millions of Google users worldwide, we’ve seen firsthand how it strengthens security without sacrificing a smooth and convenient online experience.”
Google Cloud vs. Google Drive
It’s important to note that this update will not affect general Google consumers. So, if you’re a Google Drive user, you don’t have to fret about MFA—yet.
While Google Drive is technically cloud-based storage, it’s not the same thing as Google Cloud. Google Drive is tailored more towards individuals and small teams, whereas Google Cloud is used by businesses and developers, who can scale its storage capacity and functionality.
If the company you work for uses Google Cloud services, then you will see MFA in your future. However, it may not happen all at once.
2-Step Verification, One Step at a Time
Nobody likes change. So, Google has promised a “phased approach” to its MFA enforcement on Cloud accounts, with Phase 1 starting this month.
Essentially, Google Cloud users should expect to receive notifications this November, encouraging a switch to multi-factor authentication. Encouragement will transition to a mandatory requirement gradually through 2025.
You can get ahead of it now by enabling 2-Step Verification now, at security.google.com. Just look for How you sign in to Google, and you should see an option for 2-Step Verification. Once you select this, you’ll see a button to Turn on 2-Step Verification. If you don’t see this option, check with your admin.
If you’re a federated user, Google recommends checking with your identity provider, so everyone is on the same page about the MFA method (sometimes referred to as “2SV”).
A password is just not enough anymore. Sadly, as technology evolves, so do the schemes to disassemble it. Passwords get leaked, and one day, hackers will find their way around even the best MFA methods. I guess we can be thankful that we’re only at two steps of verification, and I’m certainly not looking forward to the day we’re at five.