Google is to offer all Gmail users the option to secure their accounts using two-factor authentication (2FA), the first time such security has been widely used on mass webmail. Google is to offer all Gmail users the option to secure their accounts using two-factor authentication (2FA), the first time such security has been widely used on mass webmail.The new 2FA option two step verification in Google terminology – will add an extra layer of security in which users designate a mobile phone, landline or mobile app to receive a unique one-time login code. This is then entered in addition to the usual username and password combination.Its a lot more secure but it does add some complexity, requiring what the company describes as a 15-minute setup process which also requires a backup phone in case the primary one is lost. This which can be a landline or a mobile phone.When accessing Gmail through non-browser applications such as standalone email apps or a phone app, a specific but on-off password will have to be generated to stop the application working. One concession to convenience is that the verification code can be set to renew every 30 days which avoids needing a new one for every login. Supported mobile apps to received codes on include Android, iPhone and BlackBerry.Its not clear how quickly the feature will be made available to all users that want it but the option will need to be turned on in the account settings tab. If google eventually makes the feature standard on accounts the payback for the company could be a reduction in the number of bogus accounts created using the service to relay spam. At the very least it would make migrating from bogus account to bogus account difficult if the associated mobile accounts are also blacklisted. Related content news SpecterOps to use in-house approximation to test for global attack variations The new offering uses atomic tests and in-house approximation in purple team assessment to test all known techniques of an attack. By Shweta Sharma Sep 28, 2023 3 mins Penetration Testing Network Security Security news New Trojan ZenRAT masquerades as Bitwarden password manager A report by Proofpoint identifies the new Trojan as undocumented and possessing information-stealing capabilities. By Lucian Constantin Sep 28, 2023 4 mins Cyberattacks Hacking Data and Information Security news UK Cyber Security Council CEO reflects on a year of progress Professor Simon Hepburn sits down with broadcaster ITN to discuss Council’s work around cybersecurity professional standards, careers and learning, and outreach and diversity. By Michael Hill Sep 27, 2023 3 mins Government Data and Information Security Security Practices news FIDO Alliance certifies security of edge nodes, IoT devices Certification demonstrates that products are at low risk of cyberthreats and will interoperate securely. By Michael Hill Sep 27, 2023 3 mins Certifications Internet Security Security Hardware Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe