Google Turns On 2FA … by default

2FA (or 2SV - two-step verification) is absolutely recommended as an important security feature.

2FA requires you to have your standard login credentials (username, and password) PLUS something. You also need a smartphone with the Google app installed, a security key or an OTP (one-time-password) code shared via email or SMS.

Turn on 2FA when available to boost the security protection of your internet accounts, particularly email.

Right in time for Cyber Security Awareness Month, Google is not only recommending 2FA, they are mandating it for millions of Gmail users and YouTube creators. Users will receive seven days notice that the feature is being turned on by default. You can subsequently opt-out, but I certainly don’t recommend that.

Instead, use the opportunity to secure your Google accounts. Start with logging in, navigating to and running ‘Security Checkup’. Ensure your account recovery information is up to date and, possibly more importantly, accessible. Do you have the same phone number? Do you still have access to the backup email listed? If your answer to either question is no, update now!

If you are up to it, change all your passwords (or at least the ones for the most sensitive accounts) and store the new passwords in Google’s password manager.

The free, integrated, cross-platform and synced feature will auto-fill your passwords in both your desktop and mobile Chrome browsers. It’s pretty convenient. And did I mention it's free?

Google Password Manager is available in the app, in the saved passwords tab in Chrome or online at: passwords.google.com. It’s a quick alternative to paid services like LastPass and 1Password. Chances are your passwords will be safe from predators; I’m not so sure about Google.

You already know to never share your email password. If you decide to use Google Password Manager, everyone with access to your email has access to all your passwords. Yikes!