Google's two-step authentication goes worldwide

Two-step verification service, which makes it more difficult for hackers to break into Google accounts, is being rolled out in 40 languages in 150 countries

Google said Thursday that it has rolled out its two-step authentication sign-in system to 40 languages across over 150 countries.

The service, which is intended to make it more difficult for hackers to break into Google accounts, has been available since February as an optional service but only in English.

[ Learn how to greatly reduce the threat of malicious attacks with InfoWorld's Insider Threat Deep Dive PDF special report. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]

The two-step verification system combines password-based authentication with a verification code. The code is generated by a Google app on the user's iPhone, Android or BlackBerry smartphone, or sent to the user by short message service (SMS) or automated voice call. The account can be accessed only after this code is entered. The verification code can be made valid for a session or for up to 30 days at a time.

The verification system was offered in September to users of Google Apps, and was introduced in English to Google accounts in February. There was no geographic limitation earlier, but Google now supports more countries for receiving codes via SMS and voice calls, for people who aren't using the Google Authenticator app on a smartphone, Google said in an email.

The option to receive the codes through SMS and automated voice calls is likely to be useful to users in emerging markets like India where most mobile users do not have smartphones.

After the user sets up a phone to receive verification codes, 10 backup codes are issued. These backup codes can each be used once instead of a verification code to sign in, and could be useful when users don't have access to their phone, for example, while traveling, Google said. While setting up the preferences, users can also provide an alternative mobile number in case the first phone is not available or lost.

Email, social networking, and other online accounts still get compromised today, but two-step verification cuts those risks significantly, said Nishit Shah, product manager for Google security.

Google has been promoting its two-step authentication after Gmail accounts were compromised in June. The company said that passwords of personal Gmail accounts of hundreds of users including senior U.S. government officials, Chinese political activists, officials in several Asian countries, military personnel, and journalists were collected in a campaign which seemed to originate from Jinan, China.

Recommended
Join the discussion
Be the first to comment on this article. Our Commenting Policies