Feeds

Google Apps tap mobiles for beefier log-in security

Cell phone as security token

5 things you didn’t know about cloud backup

Google is tapping user cell phones to provide an extra level of sign-in security for Google Apps, its suite of online business applications.

On Monday, the company announced that it's now offering what it calls two-step verification. When the new tool is turned on and you log in to your Google Apps account, it requires not only a password but a separate verification code pulled from your mobile phone. "This makes it much more likely that you’re the only one accessing your data," the company said in a blog post. "Even if someone has stolen your password, they'll need more than that to access your account."

The verification code is sent to your mobile phone via SMS, voice call, or an application that's available for Android handsets, BlackBerries, and iPhones. The service is available today for free on the Premier, Education, and Government editions of Google Apps, and users of the free Standard edition will have access "in the months ahead."

Administrators must activate the tool from the Admin Control Panel, and individual users can then set it up via the Accounts tab on their Gmail settings page. If you like, you can turn the service off for certain "trusted computers" (i.e. your work desktop) but leave it on whenever your account is accessed from other machines. "You can...indicate when you're using a computer you trust and don't want to be asked for a verification code from that machine in the future," the company said.

Google also plans to roll the service out across individual Google accounts (i.e. regular accounts for non-Google Apps users) in the coming months.

In an effort to encourage other outfits to adopt similar services, Google has based its two verification on the Initiative for Open Authentication (OATH) standard (not to be confused with OAuth), and it has open sourced its verification code mobile application – Google Authenticator – so that others can customize it as they see fit. ®

5 things you didn’t know about cloud backup

More from The Register

next story
The Return of BSOD: Does ANYONE trust Microsoft patches?
Sysadmins, you're either fighting fires or seen as incompetents now
Microsoft refuses to nip 'Windows 9' unzip lip slip
Look at the shiny Windows 8.1, why can't you people talk about 8.1, sobs an exec somewhere
Intel's Raspberry Pi rival Galileo can now run Windows
Behold the Internet of Things. Wintel Things
Linux Foundation says many Linux admins and engineers are certifiable
Floats exam program to help IT employers lock up talent
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
Eat up Martha! Microsoft slings handwriting recog into OneNote on Android
Freehand input on non-Windows kit for the first time
Linux kernel devs made to finger their dongles before contributing code
Two-factor auth enabled for Kernel.org repositories
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
BYOD's dark side: Data protection
An endpoint data protection solution that adds value to the user and the organization so it can protect itself from data loss as well as leverage corporate data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?