In order to make 150 million Google accounts and 2 million YouTube accounts more secure, Google plans to activate two-factor authentication (2FA) automatically by the end of this year. This comes from a recent report.
With two-factor authentication (2FA), you need a second factor in addition to your password to log in. Usually this is a code that you receive via SMS or is generated using a free authenticator app. Alternatively, this also works for security tokens such as YubiKey. You must enter this code in addition to the password. Otherwise, you will not be able to access the account.
By combining something that only you know (the password) and something you own (a smartphone), you can effectively prevent attackers who only know the password, for example. As evidenced by a post dated May 2021Google has already started to automatically activate two-factor authentication (2FA) for accounts at this point.
To check if two-factor authentication (2FA) is already active for your own account, you must invoke the security check on your Google account.
IT security is always inconvenient
In 2018, a Google developer said at the Usenix Enigma Security conference that less than 10 percent of Google users had 2FA enabled at that time. For usability reasons, the group ruled out automatic activation at the time.
In order to make logins as easy as possible despite two-factor authentication (2FA), Google claims to be integrating security tokens directly into Android devices. Generating a 2FA code using the Google Smart Lock app should work on Apple devices.