Security Experts:

Connect with us

Hi, what are you looking for?


Identity & Access

Google Prompt Now Primary Choice for 2-Step Verification

Google has taken yet another step toward improving the security of its users by making Google prompt the primary choice for 2-Step Verification (2SV), instead of SMS.

Google has taken yet another step toward improving the security of its users by making Google prompt the primary choice for 2-Step Verification (2SV), instead of SMS.

Launched in June last year, Google prompt was designed to improve the security of the login process by informing users of any login attempts on accounts with 2SV enabled. Instead of receiving an SMS message, the user is greeted with a pop-up on the smartphone, and they can log in by simply clicking the “Yes” button.

Considering that it is a more secure 2SV method compared to SMS, Google started inviting users to enable Google prompt this July. The functionality is available for both Android and iOS users, and has been designed to deliver 2SV over an encrypted connection, in addition to providing options such as the blocking of unauthorized access attempts.

“Google prompt is an easier and more secure method of authenticating an account, and it respects mobile policies enforced on employee devices,” the Internet giant claims.

Now, the company has decided to push Google prompt to all users, and is making it the first 2SV choice for them, instead of SMS. Once they enable 2SV, however, users will still be able to use options such as SMS, the Google Authenticator app, backup codes, and Security Keys as their alternative second step.

The change, Google says, will only impact users who haven’t set up two-step verification yet, while those who have won’t be affected. Furthermore, users who attempt to set up 2SV but don’t have a compatible mobile device will be prompted to use SMS instead. To enable 2SV, users should head to their My Account page.

The use of Google prompt, the Internet company points out, requires a data connection. On iOS devices, the feature requires the Google app. For more advanced security requirements, Suite Enterprise domains can enforce Security Keys.

Google prompt is currently rolling out to all users, but it might take up to two weeks before it becomes available everywhere.

Related: Google Inviting 2-Step Verification SMS Users to Google Prompt

Related: Google to Offer Stepped-up Security For ‘High Risk’ Users

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.