This week, Google announced that Gmail and Google Apps users can now avail themselves of a simpler form of two-step verification. Instead of having to look up a 6-digit code on their phones and then type that code in manually elsewhere, they can now simply approve sign-in requests on their phones with a single tap.
If this sounds familiar, it’s because Microsoft previously enabled this same simpler form of verification in its Microsoft Account app, which curiously is still only available on Android. (Microsoft makes a traditional code-generating app for two-step verification, called Authenticator, for Windows phones.)
Consider a typical interaction. You’re browsing the web on your PC using whatever browser and you’re prompted for your Google credentials. So you type in your user name and password, press Enter, and are then prompted to enter a verification code. Because you did of course enable two-step verification (also called two-factor authentication) to protect your online accounts, right? Right!?
Anyway, at that point you have to turn on your phone, navigate to whatever authenticator app you’re using—Google makes one for bothAndroid and iPhone, plus I’ve recommended the LastPass Authenticator in the past as well—view the 6-digit code for the account you’re accessing, and then type it in correctly on the PC … and do so before the timer runs out, as these codes are generated uniquely every 30 seconds. Type quickly! Type accurately!
It’s so much easier to approve sign-in requests with a pop-up notification on your phone. Now, after entering your user name and password, you simply turn to your phone where a pop-up notification has appeared asking you to verify the sign-in. One tap, and you’re done.
Google’s new form of verification, which it calls Google Prompt, works with both Android phones and iPhone (you also need the Google app installed in the latter case) and can be used instead of the other available forms for two-step verification on your Google (Gmail and Google Apps) accounts, like a security key or the verification code method described above. It even uses TouchID on an iPhone.
To enable it, open Google My Account in your web browser and navigate to Sign-in & Security, Signing in to Google, and then 2-Step Verification. Google lets you use multiple forms of verification, so you could enable Google Prompt as the primary second step, so to speak, but still leave an authenticator app and various voice and text numbers available for getting verification codes.
The downside, of course, is that it only works for your Google accounts. (Likewise, the Microsoft Account app for Android only works with your Microsoft account.) The nice thing about an authenticator app is that you can configure multiple accounts. So what we really need is a prompt-based app that also works on multiple accounts. I assume there’s a security explanation for this not being available, but I can’t figure that out.