‘Two-factor authentication’ may satisfy the security concerns of many CIOs but it adds a burden to users.
Google’s Enterprise blog announced that some customers would soon have the ability to add two-factor authentication to their Apps accounts. This service is now available for government and premier customers and will roll out to all Apps users and Gmail users in the coming months.
It is an opt-in service. Users identify their home computers only once for authentication. Company Apps administrators may not be as lax, however. Once enabled by an administrator, end users can set up the security feature in the accounts tab in Gmail settings.
This is a big step for organizations that aren’t comfortable with the single sign-on method of verification that Google currently employs. By adding the additional step (and tying it to a mobile device), Google will satisfy a much broader swath of corporate IT standards, especially in banking and government.
The downsides are few but significant. Users obviously won’t be excited about another authentication step that involves pulling a device out of their pocket and firing up an app.
Google also allows the password to be sent over SMS. While that makes just about any mobile device made in the last ten years a means of authentication, it could also add SMS charges if your carrier charges by text.
Another downside is that a stolen phone now becomes one of the keys to your e-mail, though you’ll likely be able to remote-wipe your phone. Thieves will still need your original password to get into your e-mail.
Google notes its own security creds: