Google today announced a two step verification process during Google Apps login which will help increase the security of organization’s data.
Two-step verification is easy to set up, manage and use. When enabled by an administrator, it requires two means of identification to sign in to a Google Apps account, something you know: a password, and something you have: a mobile phone. It doesn’t require any special tokens or devices. After entering your password, a verification code is sent to your mobile phone via SMS, voice calls, or generated on an application you can install on your Android, BlackBerry or iPhone device. This makes it much more likely that you’re the only one accessing your data: even if someone has stolen your password, they’ll need more than that to access your account. You can also indicate when you’re using a computer you trust and don’t want to be asked for a verification code from that machine in the future.
This is very important for Google Apps users. Just ask Twitter about the embarrassment they suffered when their Google Apps account got hacked. With Google going behind government agencies and enterprises to sell Google Apps as a more economical option than the on-premise email, this becomes all the more important.
This two-step verification is now available for Google Apps Premier, Education and Government editions. It will soon be available on Google Apps standard edition and Gmail. Once the administrator enables this option, users can set it up from their Gmail settings.
The most interesting aspect of this announcement is that Google has built this two-step verification based on open standards. This means that it is possible to integrate this process with third party authentication services in the near future. This will prove to be very enticing for enterprise customers looking to use Google Apps with their existing identity providers.
Even though I am impressed with Google taking steps to improve the security of the cloud, I am really pissed off with them on another aspect of their Google Apps offering. Sometime back Google announced that it will tie Google Apps account with regular Google accounts so that Google Apps users can use some of the Google services not available for them. With this migration, Google Apps email will become Gmail and the Google Apps users could use services like Google Reader, Blogger, etc.. I had a chance to test out this migration and I posted my initial thoughts here. During that time I talked about the multiple sign-on Google offers so that one can move from one Google (Apps) account to another seamlessly.
Your Google Apps email uses vanilla gmail after the transition. If you have more than one gmail accounts (including the transitioned account(s), don’t forget to activate multiple sign-on settings on this page
Once you set up multiple sign-on, shifting from one account to another is breeze. I am really loving it. It is just a click and the change is seamless
Well, now I have migrated all my Google Apps account to Gmail but the multiple sign-on option doesn’t appear to be as seamless as I initially expected. It appears one can only use this option for 3 different Google accounts. If you have more than 3 Google (Apps) accounts, the only options available are
- Sign out of existing account and use the other accounts
- Use the Incognito window for the other accounts
- Use a different browser
Well, I am not cooking up these options but it was Google’s suggestion to workaround the 3 simultaneous login limitation. From what I heard on Twitter, it is not an arbitrary number but it is linked to performance issues. If this is the case, Google has some serious troubles in the horizon. Google is going to forcibly migrate all the remaining Google Apps users to Google accounts and with this 3 simultaneous login limitation, it is going to cause some serious trouble to its power users. For example, I use multiple Google Apps accounts due to my association with many different organizations. By design, I am keeping them separately without forwarding it to a single account. If I have to either use one of the options above to log into all these accounts, I am going to be really frustrated. I guess it is going to be the case with other power users too.
Unless Google works on this issue and sort it out before its forceful migration of Google Apps account, chaos will follow leading to further dissing of Google’s products. Unless, they make it easy for ordinary users to not only enable multiple signon and also use more than 3 accounts, it is going to be a mess. This will not only affect the users but also the admins of Google Apps. Google, are you listening?
Related articles by Zemanta
- Google Rolling Out SMS Verification for Google Apps Access [Security] (lifehacker.com)
- Google Launches 2-Step Verification for Google Apps (webpronews.com)
- Google Brings Two-step Authentication to Google Apps (seome.me)
- Google Apps gains extra layer of security with two-step verification (arstechnica.com)
- Google Apps Gains Extra Security With Two-Factor Authentication (wired.com)
- New Google Apps Security…Encouraging iPhone Theft Since 2010 (marketingpilgrim.com)
- Google Brings Two-step Authentication to Google Apps (mashable.com)
- Google beefs up Apps security (venturebeat.com)
- A more secure cloud for millions of Google Apps users (googleenterprise.blogspot.com)