30 July 2016
It was first rumored back in December 2015 that Google is prepping a new way to sign into the accounts and services. We even found a few screenshots of the same process in the same timeframe. However, this didn't grab any continuous attention from everyone as no such further traces were found after then. Interestingly, Google has now made the new signing process active to everyone that requires an Android or iOS device to authenticate the account.
The major difference is you don't need to rely on your alphanumeric or sometimes even complex passwords to access your accounts as this work will now be done by your handsets running either Android or iOS platforms.
After tweaking the settings from your account, Google will prompt you that someone is signing in to your account. Giving an access using that prompt from your compatible smartphone will authenticate the user. This means every time you sign-in, a prompt will be generated to your smartphone asking whether or not sign in to the account. This is an avatar of the two-way sign in which makes things easier. The criteria of signing in using the new two-way sign to your Gmail account is that the users need an Android phone with updated Google Play services or the iPhone 5S and later versions. Also, the phone needs to be secured from direct access to the applications from the lock screen. For this, Android phone will need an active screen lock mechanism, and iPhones need TouchID. Furthermore, iPhones will also need the latest updated version of the Google App installed.
To start using the new way of authentication, first, decide on which phones you want to have the prompts. So, go to Sign in and security section from your computer or laptop and set up your phones.
Once it's done, you need to authenticate every time whenever you sign-in through your computer or laptop.
As you can see in the below image -
We know what's going on in your mind – security! User's security is the major and primary concern for Google and the same was kept in mind while setting up this new sign-in process or a new two-way authentication process. If Google's suspicion algorithms found something inappropriate, users will be asked to enter the password on the mobile device.
Obviously, one must not set up a shared device and only use the phones that personally belongs to a user. If a phone gets stolen or lost then the device can be removed from the account settings. The regular password or the classic way of authentication will still reside with the users.