Google today moved to boost security for users of its hosted Google Apps tools by adding a new two-step verification process. Google announced the new sign-in feature at its Google Atmosphere conference in Paris.
"Cloud computing is about making your information easily accessible from anywhere, on any device," Eran Feigenbaum, director of security for Google Apps, said in a blog post. "Until today, organisations looking to secure their information beyond a password have faced costs and complexities that prevented many of them from using stronger security technologies. Today, we are changing that with the introduction of a more secure sign-in capability for Google Apps accounts that significantly increases the security of the cloud: Two step verification."
The feature, which must be enabled by an administrator, requires that users have two means of identification - something they know (a password), and something they have (a cell phone). Feigenbaum explained that after a user plugs in her password, a verification code will then be sent to her cell phone.
"This makes it much more likely that you're the only one accessing your data," he said. "Even if someone has stolen your password, they'll need more than that to access your account. You can also indicate when you're using a computer you trust and don't want to be asked for a verification code from that machine in the future."
While this new capability is just for Google Apps business users today, Feigenbaum said it will be rolled out to all individual Google users "in the coming months." Google apps include Gmail, Google Docs and Calendar.