While Google continues to come under scrutiny from those preaching the privacy gospel, there’s one area where the technology titan deserves to be applauded: security. Earlier this year, Google announced it would suddenly flip the security switch on millions of Gmail accounts, a switch that will now also be toggled for two million YouTube creators.
Just as gaining access to a Gmail account is good news for bad actors, so is taking control of well-monetized YouTube channels with high subscriber counts. Credential compromise, be that through the brute-forcing of passwords or using shared credentials that have been exposed in data breaches from other services, is far and away the most common route to such account takeover.
However, beyond the usual best practice advice of ensuring passwords are both attack resilient (long, complex and random) and unique (never, ever, reuse passwords across sites and services), there’s one relatively simple way of stopping most of these attacks in their tracks: two-factor authentication. Better known to most as 2FA, although Google uses the more technically correct two-step verification (2SV) terminology in its announcements, this wraps a secondary layer of access security around an account on top of your username and password.
Which is where the latest warning from Google comes in. The TeamYouTube community manager, Jensen, has posted an announcement that, as of November 1, Google will “require all monetizing YouTube channels to enable two-step verification.”
While this will not impact ordinary users of YouTube, it does mean that the two million creators in the YouTube Partner Program only have a few weeks to get their access security houses in order. In the same posting, Jensen warns YouTube creators that “if you don’t turn on 2-Step Verification by November 1, you will not be able to access YouTube Studio or YouTube Studio Content Manager” until such time that you do enable your account 2FA.
Setting up Google account access 2FA is very easy to do
This is very easy to do, and the steps start by heading to your Google account signing-in options page. You can choose several different ways to verify when signing into your account, the most straightforward being a prompt notification sent to your phone, which requires a one-tap confirmation. Other options include codes sent by text or using an authenticator app, right up to using a hardware key for the most secure option.


By admin

Leave a Reply

Your email address will not be published. Required fields are marked *