Google Cloud Will Make Multi-Factor Authentication Mandatory for All Users Starting 2025
Google Cloud will soon make multi-factor authentication (MFA) mandatory for all users, the platform’s Vice President of Engineering announced on Tuesday. The company says this decision has been taken in a bid to strengthen the cloud platform’s security without affecting the convenient online experience that it provides. Its rollout will commence in a phased approach, and enterprises and users will receive notification from Google Cloud ahead of the deployment of the mandatory MFA.
Mandatory MFA on Google Cloud
In a blog post, Mayank Upadhyay, Vice President of Engineering at Google Cloud announced that the platform will make MFA mandatory for all users who currently use a password as the sole means of authentication when logging in. At present, 70 percent of Cloud users already take advantage of additional MFA authentication, the company says. This measure will be implemented worldwide for enterprises as well as individual users in a phased approach starting in 2025.
To enable MFA for Google Account, users need to:
- Access the security settings by navigating to the security.google.com website.
- Select 2-Step Verification under the How you sign in to Google tab.
- Follow the on-screen instructions like adding a phone number to complete the process.
Phase one of its rollout plan will commence this month where it will encourage the adoption of MFA by providing helpful reminders and more information about the technology in the Cloud Console. It will also provide resources for planning and a smooth transition to MFA. Starting Early 2025, phase two will begin and MFA for new and existing Google Cloud users will become mandatory. Users will need to enrol in MFA to use platforms like Google Cloud Console, Firebase Console and gCloud.
Phase three of the rollout will commence by the end of 2025 and using MFA will become mandatory for those using federated authentication while signing into Google Cloud. They will be provided flexible options for signing in, such as enabling MFA with the primary identity provider or using it directly via the Google account.