Google account holders will soon be seeing an invitation to opt-in to a 2-step verification sign-on feature being offered by the company, a online deadbolt that makes it harder for someone to hack into your account.
The feature, which has been available for Apps customers and is now being offered to all account holders, adds a second step of entering a code that is sent to the user's mobile phone - either by phone call, SMS text or a smartphone app. By doing so, Google is increasing the likelihood that the account holder is the person who is trying to sign-in to the account.
There's a whole process that users have to go through to enable the feature, which is a good thing. The feature won't be activated on accounts, by default. Users have to go in and take care of that. Likewise, users will have to think about their scenarios and what makes sense - such as allowing sign-ins from a specific computer to use the same code for 30 days. And you'll need to come up with a backup phone number and backup code in case the primary phone is lost or damaged.
Remember: we're not just talking about e-mail here. Those accounts include Google Docs, Calendar, Picasa, Blogger and a number of other properties
Google has faced a fair share of critics who have questioned the company's attitude about privacy. This is Google's way of spinning it back on users to make a commitment of their own.
Sure, it's a minor inconvenience to have to verify your log-in attempt with a mobile phone code. But so is using a second key to unlock the deadbolt on your front door. But imagine the opportunity you're giving to a bad guy just because you weren't willing to invest a few extra seconds.
The feature will be unlocked in the account settings.