How to setup Google two step verification without using a phone number

The update allows users to set up two-factor authentication without the need for a phone number, making it easier for users to secure their accounts using alternative methods such as authenticator apps or hardware security keys.

Google has recently announced a significant update to its two-factor authentication process, also known as 2-Step Verification, aiming to enhance user security while simplifying the setup process.

The update allows users to set up two-factor authentication without the need for a phone number, making it easier for users to secure their accounts using alternative methods such as authenticator apps or hardware security keys.

The new 2-Step Verification setup process allows users to bypass the requirement of entering a phone number, instead opting for one of the following methods:

Authenticator Apps: Previously, users had to enable 2-Step Verification with a phone number first. Now, users can add stronger second-step methods like Google Authenticator or security keys directly without needing a phone number. This is especially useful for organisations that rely on these more secure methods.

Hardware Security Keys: Another update includes new options for hardware security keys. Google now supports the use of hardware security keys, such as YubiKey or Titan, as part of the wo-factor authentication setup.

Meanwhile, Google notes that if a user enrolled in 2-Step Verification decides to turn it off in their account settings, their enrolled second steps (e.g., backup codes, Google Authenticator, or a second-factor phone) will remain on their account. Previously, all second factors were removed when 2-Step Verification was turned off. However, in line with the update, if an administrator disables 2-Step Verification for a user through the Admin console or Admin SDK, the second factors will still be removed as before, ensuring that off-boarding workflows remain consistent.

According to Google, its new update to the 2-Step Verification process reflects its ongoing commitment to user security, particularly given the persistent risks faced by Android users and Google account holders. By offering a more robust wo-factor authentication system, Google aims to help users defend against security threats such as phishing attacks and unauthorised access.