Google Workspace Updates: Strengthening 2-Step Verification by showing phone prompts to more users

Strengthening 2-Step Verification by showing phone prompts to more users

Tuesday, June 16, 2020

What’s changing

Starting on July 7, 2020, we will make phone verification prompts the primary 2-Step Verification (2SV) method for all eligible users, unless they are already using security keys as their 2SV method of choice. This means that if you sign in to your Google account and are also signed in on a smartphone, you will be asked to follow phone prompts to verify the login attempt. This will help increase account security while making it easier to sign in.

This won’t apply if you use a security key to protect your account. You’ll also still be able to use other methods (such as a code received by text) by selecting a different method during the phone prompt verification steps.

Phone prompts verify your sign-in attempt via your smartphone

Who’s impacted

End users

Why it’s important

Phone prompts, also known as “on-device prompts,” are more secure than text or voice codes as a form of 2-Step Verification. They’re also easier to use, as they avoid requiring users to manually enter a code received on another device. By making prompts the primary method for more users, we hope to help them take advantage of the additional security without having to manually change settings—though they can still use other methods of 2-Step Verification if they prefer.

Additional details

How phone prompts work
After you enter your password to sign in to your Google Account, Google sends a "Trying to sign in?" prompt to every eligible mobile device where you’re signed in. This prompt tells you when and where your password was entered, and then asks you to confirm or block the sign-in attempt by simply tapping your mobile device. You can still select a different verification method during sign-in if one is available on your account. You’ll also stop receiving prompts on a phone if you sign out of that phone. Learn more about phone prompts.

Users with security keys are excluded from this change
Users will not have prompts as their primary 2SV method in two situations:

If an organization enforces the “Only security key” 2-Step Verification option for a user, there will be no change and the user will continue to be required to use security keys.
If a user currently has, or at any point in the future adds, a security key on their account, the security key verification will be presented as the primary method.

Additionally, if a user doesn’t have 2-Step Verification turned on, this will not apply.

Getting started

Admins: This feature will be ON by default. Admins can only disable the feature by requiring the use of security keys. Visit the Help Center to learn more about protecting your business with 2-Step Verification.
End users: This feature will be ON by default and can be disabled by the user. Visit the Help Center to learn more about signing in with 2-Step Verification.

Rollout pace

Rapid and Scheduled Release domains: Gradual rollout (up to 15 days for feature visibility) starting on July 7, 2020

Availability

Available to all G Suite customers and users with personal accounts.

Resources

Useful Links

Join the official community for Google Workspace administrators

In the Google Cloud Community, connect with Googlers and other Google Workspace admins like yourself. Participate in product discussions, check out the Community Articles, and learn tips and tricks that will make your work and life easier. Be the first to know what's happening with Google Workspace.

______________

Learn about more Google Workspace launches

On the “What’s new in Google Workspace?” Help Center page, learn about new products and features launching in Google Workspace, including smaller changes that haven’t been announced on the Google Workspace Updates blog.

______________

Updates