Google extends two-factor authentication service to thwart phishing attacks

Google has expanded the reach of its two-factor authentication service launched earlier this year to over 150 countries, as the firm tries to improve log-in security for its users.

The two-step verification feature was launched in February for log-in to services such as YouTube and Gmail. It requires users to input a password along with a secondary code sent to a mobile device.

This can be an automated phone call or text message, or can be generated by an application on Android, BlackBerry and iPhone devices.

"Examples in the news of password theft and data breaches constantly remind us to stay on our toes and take advantage of tools to properly secure our valuable online information," explained Google Security product manager Nishit Shah in a blog post.

"Email, social networking and other online accounts still get compromised today, but two-step verification cuts those risks significantly."

The service is now available in 40 languages and more than 150 countries, he added.

Two-factor authentication is widely seen as one of the most effective ways to limit the success of phishing attacks, which remain on the increase thanks to the widespread availability of phishing toolkits on underground web forums.

The most recent Symantec Intelligence report said that the rise in phishing may be as a result of spammers looking for new ways to make money.