Google Has Enrolled 150 Million Two-Factor Authentication, And Sees 50% Drop In Hacks

Google has lots of products under its flag. From its ubiquitous search engine, to Gmail, to YouTube, and many many more.

With users accounting to the billions, the company said that it has managed to reduce the number of hacks targeting its users by half.

It all started back in 2021, when Google started automatically enabling 2-Step Verification for end users, including requiring 2 million YouTube users to enable it. And this time, it has successfully done so for 150 million users.

Google said that more accounts will be enrolled in 2FA only if they have the "proper backup mechanisms" in place for the transition.

With that effort, Google noted in a release that the action has caused "the number of accounts hijacked by password theft decrease by 50%."

"Turn on 2SV (or we will!)," Google said.

Google 2FA setup
Google 2FA setup

According to Google Chrome safety director Guemmy Kim in a blog post:

This decrease speaks volumes to how effective having a second form of verification can be in protecting your data and personal information. And while we're proud of these initial results, and happy with the response we have received from our users and the community, we're excited about other ongoing work we're doing behind the scenes.

Google's two-factor authentication (2FA) involves users tapping ‘yes’ on a signed-in phone after entering their email and password, or plugging-in (or tapping via NFC) a physical security key into the device.

Google managed to reduce the number of compromised attacks by half, simply because Google's two-factor authentication (2FA) removes the single biggest threat that makes users easy to hack: passwords that are challenging to remember.

Most importantly, Google made passwords obtained by hackers in phishing campaigns or via data breaches useless.

2FA simply adds an extra step to the login process.

[block:block=87]
Today alone, billions of people around the world will use our products to help with things big and small -- whether it's paying for coffee with Google Pay or teaching an online class full of students -- and it's our responsibility to keep your personal information safe and secure. We know that your Gmail is often the link to accessing your non-Google accounts for banking, social media, shopping and more. That's why the security of Gmail is fundamental to our work to keep you safe online. By making all of our products secure by default, we keep more users safe than anyone else in the world -- blocking malware, phishing attempts, spam messages, and potential cyberattacks.

The company announced that result, “compared to those not enrolled” in 2SV, as part of Safer Internet Day.

In another blog post, Google said that it is providing free online lessons to help teach people how to stay safe wherever they are on the internet.

We’re partnering with Khan Academy, a non-profit educational organization, to develop free, online lessons that will help teach people how to stay safe online. We’ll contribute $5 million so that Khan Academy can create accessible, easy to understand and actionable online safety content for its 18 million monthly users around the globe. Last year alone, searches for “how to stop identity theft" spiked over 110%, so we know people are looking for tips on how to protect themselves online. Our previous work in educating people about online safety has shown us the positive impact this can have. To expand our impact, we’re excited to be partnering with Khan Academy to make internet safety more accessible for everyone.

It's worth mentioning that while Google said that it managed to decrease the number of hacked accounts by 50%, it didn't disclose the exact number of the compromised accounts.