Google now allows G Suite administrators to disable unsafe 2FA authentication
Google recently added a new dashboard option to G Suite administrators (Admin console), designed to help administrators have the right to disable two-factor authentication method options (2FA) as phone for G Suite account in their domain, preventing users from using SMS and voice codes when authenticating.
According to G Suite Help Center support documentation, 2FA, also known as 2-Step Verification (2SV) - "requires users to verify their identity through via certain information they know (such as a password), plus other data they have (such as a physical key or access code sent to a device) .Also, it is called Multi-factor authentication (MFA), or 2-factor authentication (2FA) ".
Once activated on an account, 2FA (configured to work with voice / text message codes, Google Authenticator applications or with the second element of hardware such as security keys) will help protect that account from unauthorized access by creating an additional layer of protection designed to block malicious agents from logging in using the stolen information.
- Google first raised G Suite prices - a move to warm up competition with Microsoft Office 365
Both SMS authentication and 2FA voice messages are considered unsafe
"Cybercriminals are increasingly inclined to target small businesses. If hackers get into your administrator account, they can access information about email, documents and pools. Your financial profile and more: A hacker can steal or guess your account password, but they can't copy something that only you have "a Google representative said.
However, there are also some 2FA methods that are not recommended by Google, for example, in the case of phone-related options, including text messages and voice verification codes. These are all authenticated data sent to users through third party networks (such as telecom networks), so they can still be completely blocked or violated by attackers. potential work.
- Google will start deleting photos, comments, pages and more on Google+ from April
The unsafe 2FA options can now be disabled by the G Suite administrator for the entire domain from the Admin console:
'As the awareness of potential SMS-related vulnerabilities and voice codes has increased, some administrators have asked us to introduce more extensive control measures for usability. 2-step phone-based verification method in organizations. The current release of the G Suite has met that requirement - the administrator will now have a policy that can control and enforce the use of multi-factor authentication without the use of SMS and code. Voice verification '.
By enabling this new G Suite policy on your domain, administrators can enhance the overall security of all user accounts and provide better security for all data. link.
To activate this new policy, follow these steps:
- For administrators : Apply new policy by changing settings at Admin console> Security> Advanced security settings> Allowed two-step verification methods.
- For end users: End users will not have to take any action unless the administrator changes the configuration.
Thus it can be seen that after 2FA text and voice verification codes are disabled for the entire domain, users currently using them will not be able to login. Google also provides administrators with a detailed process designed to help them avoid login errors in the "Set up 2-Step Verification" section of the support website.
- Google has removed 2.3 billion 'inappropriate ads' in 2018, down 28% from 2017
In addition to conveying changes and changes to all users, administrators can also provide users "extra time to sign up by including these users. An exception group in which 2SV will not be enforced until they can add a new 2SV method '. This issue is also detailed in the document "Avoid account lockouts when 2-Step Verification is enforced" by Google.
The new 2FA options of Admin console will be available in all G Suite versions, but they will not be enabled by default, so administrators must "make clear choices in applying this policy. on OU / Group basis, like other existing 2SV enforcement policies ".
According to relevant information, the statistics show that a large number of IMAP-based password attacks have been used by many malicious agents to successfully compromise Microsoft Office 365 and G Suite accounts. Multi-factor protection (MFA) protection.
The IMAP-based password theft method takes advantage of the fact that IMAP is the legacy authentication protocol that bypasses MFA, enabling an attacker to perform 'stuffing' attacks against elements protected.
- Google Chrome on Android has just been updated, doubling the page loading speed, saving up to 90% data usage
According to Proofpoint Information Protection Research Team, in a "recently completed 6-month study of customers renting large cloud services, Proofpoint researchers have observed many major attacks to take advantage of. legacy protocols and abolition of authentication information to increase the speed and efficiency of large-scale forced account compromises. "
In addition, the Proofpoint team also said that about 60% of all G Suite and Office 365 customers that were followed were targeted by IMAP-based attacks and about 25% of them were successful implementation, causing significant consequences.
You should read it
- Google: 2-factor authentication can prevent 100% of automated bot hacks
- 5 Multi-Factor Authentication Vulnerabilities and how to fix them
- How to turn on two-factor authentication to protect your Firefox account
- How to set up two-factor authentication on all social networks
- How to create authentication code on Open Two-Factor Authenticator Chrome
- Authenticate what two factors are and why you should use it
- Already able to perform two-factor authentication on Instagram without SMS
- Protect your GitHub account with two-factor authentication
- Deploy multi-factor authentication to remote Microsoft Teams users
- How to turn on two-factor authentication on Slack
- Google Account security guide with Google Authenticator
- More than 90% of Gmail users still don't use the two-factor authentication feature
Maybe you are interested
How to fix hidden templates in Google Docs
How to Create a Budget Spreadsheet in Google Sheets
How to recover deleted Viber messages using Google Drive, iCloud
Google Labs Releases Whisk: A Tool That Allows You to Upload Images as Instructions Instead of Text Prompts
10 Google Photos Tips and Tricks You Shouldn't Miss
Google Announces Android XR, a New OS Platform for AR and VR Glasses