In a decisive move to bolster user security, Google has announced plans to discontinue SMS-based two-factor authentication (2FA) for Gmail accounts.
This decision reflects the company’s commitment to adopting more secure and reliable methods of user verification.
SMS-based 2FA, which involves sending a one-time code via text message to verify a user’s identity during login attempts, has been widely used. However, this method has been criticized for vulnerabilities, including SIM swapping and message interception, which can compromise account security.
As reported by Forbes, Google’s decision to phase out SMS-based authentication on Gmail aligns with industry trends that favour more robust security measures. The company encourages users to transition to alternative 2FA methods, such as authentication apps or hardware security keys, which offer enhanced protection against phishing and other cyber threats.
Speaking to Forbes, a Google spokesperson stated, “Just like we want to move past passwords with the use of things like passkeys, we want to move away from sending SMS messages for authentication. SMS codes are a source of heightened risk for users. We’re pleased to introduce an innovative new approach to shrink the surface area for attackers and keep users safer from malicious activity.”
Authentication apps, like Google Authenticator, generate time-sensitive codes directly on a user’s device, reducing reliance on external networks and minimizing potential interception risks. Hardware security keys provide an additional layer of security by requiring a physical device to complete the
