Two-tier sign in process to protect cloud-based mail and documents
Google has announced a security overhaul for Premier Apps, which the company hopes will make the services more attractive to businesses.
The authentication upgrade means the apps such as Gmail and Docs will require a two-step process before users can access emails or documents, with a Google-generated passcode complementing existing passwords.
The code can be sent via SMS or voice message to any mobile phone, or can be generated by an application on Android, BlackBerry or iPhone handsets.
"This requires two means of identification to sign in to a Google Apps account; something you know - a password - and something you have - a mobile phone," said Eran Feigenbaum, director of security for Google Apps, in Google's enterprise blog.
“When enabled by an administrator, it requires two means of identification to sign in to a Google Apps account. After entering your password, a verification code is sent to your mobile phone via SMS, voice calls, or generated on an application you can install on your Android, BlackBerry or iPhone device.”
Google claims this will make it much harder for anyone to break into an account – even if crooks have stolen the password – but end users will be able to set up trusted computers that bypass the system.
According to Google, the two-step verification is built on an open standard, which should enable it to be integrated with other authentication technologies, and the company is also open sourcing the application so security developers can customise the technology.
Security conscious consumers will be able to sign up over the next few months.