Pages

Google Is Making Two Factor Authentication More Convenient, & Is Slightly Tweaking Its OAuth Consent Form

Google's working on a bunch of new security centric features, making the two factor authentication process easier on new pages, and allowing for improvements to approve permissions on the OAuth screen.

Two factor authentication (2FA) is an all-too important and necessary process that helps maintain online security. With phishing attacks and cyber criminals running amok, 2FA is a simple feature which allows users to verify certain actions they take in the virtual world. Whether it be login authentication, credit and/or debit card transactions, making edits to important documents and so on, 2FA helps make every step taken much more safer and secure. With many institutions, both public and private, involving themselves in the entire process (for example, banks working on the ability to authenticate transactions made from your account), this seems to be the way forward in safely maintaining an online persona.

When Google sets up a 2FA system, an algorithm sets up 10 separate backup codes just in case an individual's phone and original security keys aren't available, or have been lost. Previously, these would be accessible in the form of a pop-up that displayed all 10 keys, with no further information. However, with this new update, 2FA keys have their own dedicated webpage, complete with the options to download the codes, print them out, or to generate new ones in case the previous ones have been leaked out to other users. At any rate, the dedicated space of having their own page does make the whole matter of accessing the 10 codes a bit easier. No longer must we chase after pop-ups and rely on screenshots. Now, codes are clearly visible, and easily downloadable.



Google's also fiddled around with its OAuth settings, to the benefit of users. Now, when granting third party applications access to one's data, the consent screen appears a bit differently, depending on what's being asked of the user at hand. Specifically, if an application is asking for incremental data, or just a single permission for example, users will no longer have to check box that permission before hitting the Continue button. They can simply hit continue, and move onwards. It's a very tiny detail to be added into the mix, but helps provide a minor form of ease to the process. After all, it only makes sense. If a third party app's only asking for access to data in the Drive and nothing else, checkboxes are a vestigial apparatus at best.

Sources: Workspaceupdates / GD.

Read next: Some spammy Android app developers are utilizing ads as a path to elude the Google Play Store, confidentially getting installed without the user's authorization

No comments:

Post a Comment