Gmail’s new two-factor authentication improves security
Google’s Gmail service has added a two-factor authentication mode for users who want a little more security in their Gmail account. Gmail users can now have Google send them an SMS text message with a numeric code that is used as a secondary PIN in addition to the normal Gmail account password. Gmail users can opt to unlock their computer for 30 days, but a more persistent option would be more user-friendly and reasonably secure if Google made it easy to lock out lost or stolen computers.
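The trade-off described above (a 30-day or persistent "remembered" computer that stays safe only if it can be locked out) can be sketched as a server-side registry of trusted devices. This is an added illustration, not Google's implementation; the class, method names and cookie format are hypothetical.

```python
import hashlib
import hmac
import secrets
import time

THIRTY_DAYS = 30 * 24 * 3600  # the 30-day window mentioned in the article

class TrustedDevices:
    """Hypothetical registry of computers allowed to skip the SMS code."""

    def __init__(self):
        # device_id -> (user, sha256 of secret token, expiry or None)
        self._devices = {}

    def remember(self, user, ttl=THIRTY_DAYS, now=None):
        """Call only after password AND SMS code were verified.
        ttl=None models the persistent option the article asks for."""
        now = time.time() if now is None else now
        device_id = secrets.token_urlsafe(8)   # public handle, shown in a device list
        token = secrets.token_urlsafe(32)      # secret half, lives only in the cookie
        digest = hashlib.sha256(token.encode()).hexdigest()
        expires = None if ttl is None else now + ttl
        self._devices[device_id] = (user, digest, expires)
        return device_id, f"{device_id}.{token}"

    def needs_sms_code(self, user, cookie, now=None):
        """True when the login must fall back to the SMS code."""
        now = time.time() if now is None else now
        device_id, _, token = (cookie or "").partition(".")
        entry = self._devices.get(device_id)
        if entry is None or entry[0] != user:
            return True                        # revoked, unknown, or another account
        presented = hashlib.sha256(token.encode()).hexdigest()
        if not hmac.compare_digest(presented, entry[1]):
            return True                        # forged or altered cookie
        expires = entry[2]
        return expires is not None and now >= expires

    def revoke(self, user, device_id):
        """Lock out a lost or stolen computer; its cookie stops working at once."""
        entry = self._devices.get(device_id)
        if entry is None or entry[0] != user:
            return False
        del self._devices[device_id]
        return True
```

Because trust lives on the server and the cookie is only a lookup key plus secret, a persistent entry is no harder to revoke than a 30-day one.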
Letting users get the PIN from a home phone would also be a nice option, in addition to or as an alternative to mobile phones. This security feature is a great improvement, but it’s more complex and limiting than it needs to be. Another feature that would make things far more usable and secure is if the user’s phone would feed the PIN received over SMS to the PC automatically via Bluetooth for automatic login. Then the user wouldn’t care if the computer required a separate PIN over SMS every time the user logs into Gmail, because it would all be seamless and transparent.
For some background, Gmail did very well in my online security report card, but that likely had something to do with the fact that Google got most of the negative attention in 2007 when it was very easy to hack Gmail and most other web services. Google added a secure opt-in feature in 2008 but it wasn’t until 2010 that Gmail turned on SSL security for everyone by default.