After launching last week their new Backup and Sync app for Macs and Windows PCs, Google now announced that it wants to simplify and strengthen the 2-step verification process for users' accounts.
Starting this week, Google will send invitations to users who opted in for the 2-step verification method with SMS (Short Message Service) to try a new, simplified, and more secure Google prompt the next time they sign into their accounts. Instead of receiving an SMS, users can preview the new Google prompt sign in flow, which they can leave it enabled by default or return to the SMS-based one.
"Overall, this is being done because SMS text message verifications and one-time codes are more susceptible to phishing attempts by attackers," said Google. "By relying on account authentication instead of SMS, administrators can be sure that their mobile policies will be enforced on the device and authentication is happening through an encrypted connection."
Will work on both Android and iOS devices
Google says that it will send the invitations only to its 2-step verification SMS users, most probably is a gradual rollout during the next few days. Both Android and iOS devices are supported, though iOS users need to install the Google Search app from the App Store to be able to receive the new Google prompt.
Those who opted in for signing into their Google accounts with security keys are not affected by this change, nor enterprise edition domains, which can now enforce their security keys for better protection. Even if you opt out of using the new Google prompts, you'll still be asked to switch to it after six months, according to the blog announcement.
The new mobile promts will be available to all end users, as well as to all G Suite editions. Google revamped its 2-step verification process last time in February 2017, when it enabled encrypted connections by default for all sign-ins and allowed users to block unauthorized access to their accounts via real-time security information.