The option of a two-step verification process has been added to Google Apps, Google announced today. Once activated by an administrator, the new authentication process requires users to log in using their password and a verification code that’s sent to their phone via SMS or generated using an Android, BlackBerry or iPhone app.
Users have the option of indicating that they are using a computer that they trust, which means that they won’t be asked for the verification code in the future from that machine for 30 days.
Google believes that this two-step authentication process, which might seem familiar to users of certain online banking websites, should make Google Apps much more secure; even if a hacker steals a user’s password, they won’t be able to access the account.
The technology used to implement this system is based on open standards; Google hopes it will allow for integration with other vendors’ authentication technologies in the future. Google is also making the code for the mobile apps open-source so that its customers can customize them.
Administrators for Google Apps Premier, Education and Government Editions can activate two-step verification from the Admin Control Panel now; the mobile apps are available today. Standard Edition customers will be able to access it “in the months ahead.” Google is also planning on making the technology available for individual Google users.
Related GigaOM Pro content (sub. req.): Who Owns Your Data in the Cloud?