Tech Desk 
Feb 25, 2025
Google is set to phase out the use of six-digit authentication codes sent via SMS messages as a two-factor authentication method for Gmail.
As reported by Forbes, the company is now introducing QR codes as a replacement, aiming to eliminate the risks associated with SMS abuse.
Gmail's shift from SMS authentication to QR codes
Gmail spokesperson Ross Richendrfer noted that SMS codes have been used to verify user identities and prevent the mass creation of spam and malware accounts.
However, the feature has its security vulnerabilities as well, including the risk of users being tricked by criminals into sharing codes or not having immediate access to the device receiving the codes.
The shift to QR codes will eliminate the risk of code sharing and remove the security risks introduced by phone carriers, such as unwanted SIM swapping.
QR codes in Gmail
Once implemented, Gmail users will be presented with a QR code to scan using their smartphone camera app, rather than receiving a six-digit code via SMS.
The change will also help Google avoid falling victim to scams like traffic pumping or toll fraud, where fraudsters manipulate online service providers into sending large numbers of SMS messages to controlled numbers, generating revenue for the scammers.
