Google Extends Multi-Factor Authentication Options With Prompt

Stina Ehrensvard

Stina Ehrensvard

3 minute read

Google yesterday released a third option for its two-step verification, complementing the Google Authenticator phone app and FIDO U2F Security Keys. This release supports moving from two-factor to a true multi-factor authentication offering

Google Prompt is a push app for mobile authentication, similar to two-factor push solutions offered by others like Duo Security. There is no authentication solution that fits everyone’s needs, and Prompt has both advantages and challenges.

Google Prompt Advantages

  • Free software to download/update on a smartphone, no additional device needed
  • Allows moving from two-factor to a true multi-factor authentication offering
  • Much easier than typing a code or PIN from Google Authenticator

Google Prompt Challenges

  • Requires a data connection
  • Does not protect against phishing and man-in-the-middle attacks
  • Does not work with non-Google services
  • Some organizations do not allow users to bring their phone to work
  • Support and backup issues when the user’s phone (a single, expensive authenticator) is lost, broken, or has a dead battery

Currently, users can’t have Security Keys and Google Prompt enabled at the same time. We expect this will change soon, as Prompt is a better phone-based complement to the Security Key than Google Authenticator.

Google has spent the past five years building its strong authentication strategy with Prompt the latest piece of that plan, which also includes multiple protocols, cross-platform support and administrative tools. Prompt is an attempt to match capabilities already available in the identity and access management market such as Okta Verify, Centrify Push, and PingID Swipe.

Google’s ultimate goal is to build an identity-as-a-service (IDaaS) for enterprises, including a host of federation options (SAML, OIDC), and management tools such as mobile device management and provisioning, which is currently being tested by Salesforce, Slack, and Facebook at Work. Google discussed this IDaaS plan in early June 2016 at the Cloud Identity Summit with focus on Google IDP, Firebase Auth, and customer facing login.

Management of the identity and authentication ecosystem is an absolute requirement for the enterprise and we applaud Google’s efforts here. Strong authentication isn’t one method used everywhere — it’s a combination of options matched to use cases.  Currently, FIDO U2F Security Keys, including YubiKeys, are proven to offer higher security, a faster login experience, and fewer support calls than any other authentication technology on the market.

YubiKey users can have one single and simple key to access a wide range of IT applications, including computers, servers, networks, leading online services and IAM platforms, as well as to sign and encrypt data.

Updated July 24, 2016 to clarify phishing, man-in-the-middle challenge

, , ,
Talk to our teamTalk to our team

Share this article:
  • Future-proofing authentication: A look at the future of post-quantum cryptographyThe path from passwords to passkeys and beyond In a previous blog I talked about the end of passwords and the rise of passkeys, which promise stronger security and less frustration for both individuals and businesses. The global momentum behind passkeys represents one of the most exciting shifts in authentication history, but realizing their full […]Read more
  • Goodbye master passwords: Dashlane and Yubico enhance credential vault encryption and login with YubiKeysAt Authenticate 2025 this week, the world’s leading experts on modern authentication and securing digital identities gathered, to discuss the future of secure authentication and achieving usable security across the account lifecycle. The message was clear: the future of phishing-resistant authentication is using passkeys for encryption, and the gold standard is device-bound passkeys – YubiKeys. […]Read morecredential vault encryptioncredential vault loginDashlanepartnerpasskey encryptionPRF
  • Piloting Europe’s future ID: Passkeys securing digital walletsOver the last several years, passkeys have become ubiquitous. They are available on every mobile platform, in every leading browser, as part of all major enterprise IAM solutions, and in most major cloud services. Until wwWallet came along, the only place where passkeys hadn’t yet made an impact is in the rapidly developing world of […]Read moredigital identity walletspasskeysSIROSwwWallet
  • Yubico LogoYubico liefert PIN-Verbesserungen mit dem neuen YubiKey 5 – Verbesserte PIN-SchlüsselTo prepare for continuously evolving cyber threats, governments around the world are adapting and updating authentication requirements for online services which directly impact thousands of organizations and their employees. While there’s currently no universal regulation for more robust multi-factor authentication (MFA), the need is highlighted across a range of requirements including PSD2, GDPR, and the […]Read moreYubiKey