/wion/media/agency_attachments/2024/12/26/2024-12-26t112006978z-wion-white-logo-for-website-2-1.png){kind=logo}
/wion/media/agency_attachments/2024/12/13/2024-12-13t071548098z-wionlogo.webp)
/wion/media/post_attachments/files/2018/09/12/30283-google111-20171009031955.jpg)
Google is planning to ditch years-old SMS-based two-factor authentication (2FA) for Gmail users and will be replacing it with QR code verification.
Google is making the shift to reduce fraud and improve security in the application as there have been concerns about phishing attacks and SIM-swapping fraud.
Also read: Mexico threatens Google with legal action for renaming Gulf of Mexico
Why is it changing?
Cybercriminals and hackers used to hijack phone numbers and steal verification codes. The hackers often used to trick users into revealing their one-time SMS codes through phishing attacks, making SMS authentication a less secure option.
Currently, Gmail users receive a six-digit authentication code via SMS after entering their passwords.
This was introduced in 2011 and has been one of the most widely used security measure despite newer and more secure alternatives.
Also read: Ex-Google boss fears AI could ‘harm innocent people if it ends up in wrong hands’
What is the new system?
However, now, the users will need to scan the QR code with their smartphone cameras to verify their identity for a secured login.
Google has not confirmed the official rollout date yet, however, it is expected to begin over the next few months.
Moreover, it is also unclear whether Google will also discontinue phone-call-based authentication, which users used to opt for instead of SMS codes.
Apart from these, Google also offers more secure login options, including:
- Security Keys: Physical security keys such as YubiKey offer hardware-based authentication for maximum protection.
- Google Prompts: Users receive a pop-up notification on their registered device, allowing them to approve or deny a login attempt.
- Authenticator Apps: Time-based one-time passwords (TOTP) generated by Google Authenticator or third-party apps like Authy.
Also read: Amid uncertainty TikTok returns to Apple and Google app stores
(With inputs from agencies)