When someone asks me about improving their online security, I tell them to enable two-factor authentication (2FA). By introducing another security element besides your password, like a Google Authenticator code, you make it orders of magnitude harder for someone to break into your online accounts, even if they get ahold of your password.
Most major online services, such as Google, Facebook, and Twitter, already offer 2FA. Soon, however, Google is making 2FA (also called two-step verification, or 2SV) on by default.
In a blog post Thursday — timed to align with the World Password Day, May 6 (yes, that’s a thing) — Google’s security chief Mark Risher paints a future that’s entirely password-free.