Google is streamlining the process of setting up two-factor authentication (2FA). Instead of entering your phone number first to enable 2FA, you can now add a “second step method” to your account such as an authenticator app or a hardware security key to get things set up.

This should make it safer to turn on 2FA, as it lets you avoid using less secure SMS verification. You can choose to enter a time-based one-time passcode through apps like Google Authenticator, or you can follow the steps to link a hardware security key.

Google offers two options to link a security key, including by registering a FIDO1 credential on the hardware key or by assigning a passkey to one. If you have a Workspace account linked to an organization and want to use a passkey, you may still have to sign in with a password, too, depending on your organization’s settings.

Google is rolling out the change to all Workspace users and people with personal Google accounts. Since Google started allowing users to create passkeys last year, the company has seen over 400 million accounts start using them.