One of the systems used to protect web users from data and identity theft and online account hacking is a two-step authentication process alerting users to new login attempts by SMS or by email. This system now looks set to become even simpler, with Google and Apple leading the way.
Google has announced a simplification of its two-step verification system. The update will allow users to connect to one of its applications via a notification sent to another device already logged in to the account. The user then simply accepts or refuses the attempted login. In other words, there's no need for codes sent by SMS to verify new login attempts. Google plans to roll out the service progressively to all of its mobile applications in the coming days, both on Android and iOS.
Like the new continuity function of Apple, this too automatically validates access to an application when a user is already logged in on another device. Social networks, such as Facebook and Twitter, which still use "classic" two-step authentication, could soon follow suit.
Facebook users can currently activate two-step verification by selecting ‘Require a security code to access my account from unknown browsers’ in the ‘Login Approvals’ section of the Security menu after entering a mobile phone number. A security code is then sent by text message with each new connection attempt.
Twitter users can select ‘Verify login requests’ in the Privacy menu then enter their mobile phone number to receive a text message containing an access code for each new attempted login. This kind of process may be a little more demanding, but it considerably improves the security of online accounts.