Google's two-step verification, which was launched last year, requires two means of identification to sign in to a Google Apps account: something you know (a password) and something you have (a verification code from your mobile phone). "Even if someone has stolen your password, they'll need more than that to access your account," Google says.
This week, Google enhanced administrators' ability to enforce the used of two-step verification. "Starting today, domain administrators can require the users in their domain to use two-step verification," Google says. "This new feature will help Google Apps customers accelerate their deployment of two-step verification."
Google also added tighter integration with Microsoft Active Directory. "We’ve added new capabilities to synchronize and manage passwords," Google says. "Businesses can manage password policies [e.g. password strength, reset intervals, etc.] using AD and then synchronize from AD to Google Apps when passwords are changed. Passwords are transmitted hashed and encrypted during synchronization."
Users can learn how to configure the new features in the Google Apps help center.
Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.