Google boosts cloud security with two-step verification

20 Sep 2010

Google has introduced two-step verification for Google Apps accounts, giving enterprises more security of the cloud.

When the service is enabled, it requires two means of identification to sign into a Google apps account.

It needs the user’s password as normal, but it also relies on a mobile phone.

After entering the password, a verification code is then sent to their mobile via SMS, voice calls or is generated on an app available from Android, BlackBerry or iPhone.

This protects users, as even if someone else has their password, they won’t be able to access the account without the verification code sent on their mobile.

Users can also indicate when they’re using a computer they trust and don’t need the security of a verification code for that machine in future.

The two-step verification is built on an open standard to allow integration with other authentication technologies.

Google has also open sourced the mobile authentication app so companies can customise it.

Google has previously added the ability to view password strength. The search giant also set minimum password length requirements for Google Apps accounts.

Google also was the first to bring in HTTPS encryption.

Google Apps was the first cloud messaging and collaboration service to gain US government security certification.

Administrators for Google Apps Premier, Education and Government Editions can activate this service from the English version of the Admin Control Panel now.

Standard Edition users will be able to access it in the coming months.