Google says default 2FA cut account breaches in half

On top of this, the company will soon let you try account-level safe browsing.

Nicolas Economou/NurPhoto via Getty Images

Google's decision to enable two-factor authentication by default appears to have borne fruit. The search firm has revealed that account breaches dropped by 50 percent among those users where 2FA (two-step verification in Google-speak) was auto-enabled. The plunge was proof the extra factor is "effective" in safeguarding your data, Google said, although it didn't disclose the exact number of compromised accounts.

The company didn't say how rapidly it expected 2FA to spread, but promised to continue the rollout through 2022. More than 150 million people have been auto-enrolled so far, including more than 2 million YouTube creators.

The company also promised more security upgrades to help mark Safer Internet Day. As of March, Google will let you opt-in to an account-level safe browsing option that keeps you from visiting known harmful sites. Google is also expanding Assistant's privacy-minded Guest Mode to nine new languages in the months ahead, and has promised to ramp up safeguards for politicians ahead of the US midterm elections.

The reduced volume of account breaches isn't a shock — requiring more effort to crack an account is bound to deter some would-be intruders. It hasn't always been easy to show the tangible impact of 2FA on security, though, and the sheer scale of Google's user base gives it a representative sample others can't easily match.