My organization uses G Suite, and we make it mandatory for our work force to use 2-Step Verification. No questions, no exceptions, we use it and employ a variety of different ways.
You have a text message, back up codes, Google Authenticator App, security key, and Google Prompt.
Google revamped the Google prompt back in February 2017, it made it able to easily approve or deny access. You would normally see something like this:
Starting next week, 2-Step Verification SMS users will start to see the Google Prompts when they sign in. It’s an invitation and allows you to preview it first. As someone that has used it, it is smooth and nice. A quick approval and no typing in codes…it is nice. If you choose it you can always opt back out afterwards.
Google is trying to use this as SMS text message verification and one-time codes are more susceptible to phishing attempts. Using account authentication instead of SMS, admins can be sure mobile policies are followed within their corporation.
- Only SMS users will see these invites.
- Google Prompt needs a data connection.
- iOS users will need the Google Search app to use this.
- Enterprise edition domains also can enforce security keys for more advanced security requirements.
- Even if opting out, users will receive follow-up notifications to switch after 6 months.
Better security is always good. That’s why I use 2-Step.