Google is streamlining the process of setting up two-factor authentication (2FA). Instead of entering your phone number first to enable 2FA, you can now add a “second step method” to your account such as an authenticator app or a hardware security key to get things set up.
This should make it safer to turn on 2FA, as it lets you avoid using less secure SMS verification. You can choose to enter a time-based one-time passcode through apps like Google Authenticator, or you can follow the steps to link a hardware security key.
Google offers two options to link a security key, including by registering a FIDO1 credential on the hardware key or by assigning a passkey to one. If you have a Workspace account linked to an organization and want to use a passkey, you may still have to sign in with a password, too, depending on your organization’s settings.
