Google Cloud has announced that by the end of 2025, all users will be required to implement multi-factor authentication (MFA) to enhance account security.
Mayank Upadhyay, Vice President of Engineering at Google Cloud, stated that the deployment of MFA will occur in phases, with prior notifications provided to businesses and users to facilitate their preparation. The rollout is expected to take place in three stages, starting from November this year until the end of 2025:
– Phase 1 (Starting November 2024): Providing information to administrators to prepare for the security upgrade.
– Phase 2 (Early 2025): Mandating MFA for all new and existing users when logging in with a password.
– Phase 3 (End of 2025): Expanding MFA measures to linked users.
Upadhyay also noted that users could enable MFA with their identity provider before accessing Google Cloud, and Google will collaborate with these providers to ensure a smooth transition. Additionally, users may add MFA through their Google accounts.
This announcement comes amid ongoing concerns regarding phishing and credential theft, which remain common methods employed by attackers to gain unauthorized access to systems. This initiative follows similar moves by competitors such as Amazon and Microsoft, which have begun implementing MFA for their cloud services.
Source: The hacker news
