Gmail Says Adios to SMS Authentication

News from Google this morning is that Gmail will soon ditch SMS code authentication, because honestly, it’s just not all that secure.

Speaking to Forbes, Gmail spokesperson Ross Richendrfer says that similar to how Google has moved away from passwords and is having people adopt passkeys, the company will have Gmail move away from SMS authentication codes, amid a mass of “rampant, global SMS abuse.”

More secure forms of authentication exist, such as with biometrics, along with other ideas Google has. One form of authenticating a user that Richendrfer spoke of was with the use of QR codes. He says, “Specifically, instead of entering your number and receiving a 6-digit code, you’ll see a QR code being displayed, which you need to scan with the camera app on your phone.”

There are two key benefits to QR code usage, according to Google.

1. Reducing the phishing risk of Gmail users being tricked into sharing their security codes with a threat actor. Primarily, and rather obviously, since there’s no such code to share in the first place.
2. Removing reliance, in most cases at least, of Google users on their phone carrier for anti-abuse protections.

We don’t have an official date when this change will take place, but we’ll keep you posted when Google reveals more.