Google has introduced a more secure sign-in capability for Google Apps accounts with two-step verification. The company says this "significantly increases the security of the cloud."
"Two-step verification is easy to set up, manage and use," says Google Apps Director of Security Eran Feigenbaum. "When enabled by an administrator, it requires two means of identification to sign in to a Google Apps account, something you know: a password, and something you have: a mobile phone. It doesn’t require any special tokens or devices. After entering your password, a verification code is sent to your mobile phone via SMS, voice calls, or generated on an application you can install on your Android, BlackBerry or iPhone device. This makes it much more likely that you’re the only one accessing your data: even if someone has stolen your password, they’ll need more than that to access your account. You can also indicate when you’re using a computer you trust and don’t want to be asked for a verification code from that machine in the future."
Admins for Google Apps Premier, Education, and Government Editions can activate two-step verification from the English version of the Admin Control Panel now. Standard Edition users will get it in the coming months. Google says it will offer it to individual Google users in the coming months.
Google is also open sourcing its mobile authentication app, so companies can customize it.