Just one in 10 people have enable two-factor authentication, a simple security protocol, on their Gmail accounts despite the additional layer of safety being made available to users nearly seven years ago, the Register reported .

According to Google software engineer Grzegorz Milka, the low adoption rate is a result of users finding two-factor authentication too burdensome to adapt. Most people would rather skip the additional step required to sign in than know it is providing additional security.

Two-factor authentication is an increasingly standard security tool offered to users that provides a secondary check at login to ensure a user’s account isn’t compromised.

After a user enters a password, they are given a code—typically sent via text message to a smartphone associated with the user or offered through an app that can be accessed on the user’s mobile device or desktop. That code, which is only good for a temporary period, has to be entered before the user gains access to the account.

Two-factor authentication is a useful tool for preventing unauthorized access to an account. Given the number of breaches that have occurred in recent years, it’s not uncommon for a person’s email address and password to be available online. For people who reuse passwords, a breach from one site can lead to an account for a completely different service being compromised.

Despite the value of a tool like two-factor authentication, most Gmail users are making the decision to opt in to the security feature—and Google isn’t about to force them to use it, either. Milka explained during a presentation at the Usenix Enigma 2018 security conference that two-factor authentication still has usability issues for some, and forcing adoption would drive users away.

Most people will pick convenience over security, as Google’s figures show. However, while using two-factor authentication can be slightly burdensome, it also provides a valuable layer of security that can keep sensitive information safe and secure.

How To Set Up Two-Factor Authentication On Gmail

To add it to a Gmail account, users must first login to their Gmail account, then visit the “ My Account ” page by clicking on the account icon in the upper right-hand of the screen.

Once on the My Account page, look under the “Sign in & security” heading. Once the page for this option opens, click the “Signing into Google” option on from the vertical menu on the left-hand side of the screen.

In a box titled “Password & sign-in method” there should be a menu that says “ 2-Step Verification .” Click on it to begin the process.

Two-step verification
Google's two-step verification page. Screengrab via Google

A screen should appear with information about two-step verification. Click the “Get started” button and Google will begin the process of setting up the security feature. The user will be prompted to provide a phone number to receive texted codes. The user should provide the number of their primary mobile device so the codes will be readily accessible when needed.

Once the process is finished, Google will walk the user through other verification methods including app-based authenticators that generate temporary codes and physical keys that must be plugged into a device or within wireless range to verify a user’s identity.

The next time the user goes to sign in to their Gmail account, they will receive a text message with a verification code. Enter that code and Google will provide access to the account.

RELATED STORIES
Security Google Security