The feature works by safeguarding accounts with two separate sets of credentials: the user’s password, and an auxiliary code that’s sent to their cellphone immediately following an attempted log-in.
When enabled correctly, an account protected by two-factor authentication can’t be compromised unless an attacker has both their victim’s password and secondary device, effectively adding an extra layer of security between users and hackers.
Despite its benefits, Google software engineer said during a presentation at the Usenix’s Enigma 2018 security conference Wednesday that less than 10 percent of active Google accounts use two-step authentication.
“The question is, why wouldn’t we make two-factor authentication mandatory?” Google’s Grzegorz Milka asked during his presentation, Gizmodo reported. “The answer is usability. In the end, we want people to use their accounts. How many people would we drive out of using Google accounts if we force them to use additional security?”
“It’s perceived as an unnecessary hassle to setup additional security for one’s account,” Mr. Milka said, PCMag reported, adding: “The truth is such obvious security mechanisms just don’t get adopted on a wide enough scale.”
While Mr. Milka said less than 10 percent of Gmail accounts have enabled two-factor authentication, a recent study conducted by Duo, an Ann Arbor-based security firm, concluded that about 28 percent of Americans use the feature overall.
More than half of respondents — 56 percent — said they hadn’t heard of two-factor authentication before the survey, Duo said in its November report.
Google boasted over 1 billion active Gmail users as of February 2016, making it one of the world’s most popular free webmail providers.
A personal Gmail account belonging to John Podesta, the manager of Democratic candidate Hillary Clinton’s…