Simplifying account security
Google prides itself on being a leader in account security
Google has invested heavily in security infrastructure, building industry-leading features to protect billions of users worldwide, as evidenced by the diverse security ecosystem. From Security Checkup to 2-Step Verification, Titan Security Keys to Advanced Protection Program – Google offers a comprehensive suite of security tools designed to keep accounts safe.
Google's Security Paradox
Google offers industry-leading security features, but users struggle to understand and adopt them, so improving account security feels overwhelming for most users.
Unclear hierarchy
While Security Checkup provided tailored recommendations, the "Recent security events" card appeared inconsistently and offered no actionable insights.
Fragmented core features
Account access controls were split into two confusing sections: "Signing in to Google" and "Ways we can verify it's you." These appeared to compete with each other rather than complement each other.
No clear narrative
Users couldn't easily understand what to prioritize or how the features connected to their overall account security.
The Security Settings tab before the redesign
User insights reinforce the concern
Feeling vulnerable
"You never really know; you always have a feeling that there is somebody out there who could hack you or something."
Overwhelming complexity
"[Account security] feels like work. Kind of like 'Inception' – you click on that, you then go deeper. I don't feel that I can go into it any further, because I'd get lost."
Confusing language
"I'd have to just give up. When I read all these words, I don't really understand what I'm reading. There's lots of words."
Ensuring users are Secure by Default
Google was preparing to auto-enroll all 2SV-capable accounts as part of a 'Secure by Default' initiative. This meant 4 billion users – the general population – would soon be automatically enrolled in 2-Step Verification.
How might we...
Make security simple
Prepare users for Secure by Default
The goal
With engineering focused on authentication infrastructure and 2-Step Verification enrollment, I led a UX initiative to simplify how users understand and manage these foundational security features.
Provide Google users with a simple approach to their Security Settings, clarifying our obscure security offerings with a clear authentication focus.
How you sign in to Google
More visual emphasis on Security Checkup, providing tailored security recommendations
Combined recovery options and authentication methods into one "How you sign in" card
"More sign-in options" CTA will lead to a contextual education page
Pushing boundaries with educational content
I championed this page design based on user research showing people wanted more context and education around security features. The mocks use placeholder images to rapidly validate information architecture with stakeholders before investing in detailed graphics. Working with my UX writing partner, I organized authentication methods by priority – most secure, convenient, and backup options – while prioritizing security over convenience despite technical complexity.
A landing page for users to explore and learn more about the multitude of sign-in options available
Minimum recommended methods for 2SV are highlighted above
The page was also designed with progressive disclosure to reduce cognitive load and encourage user engagement. When expanded, each section provides short summaries about the value of each method, plus educational links.
"Learn more" links open educational wizards that I previously designed for Google's Advanced Protection Program enrollment flow.
Educational wizards offer delightful educational moments within users' existing journeys, proven to enhance user trust compared to traditional Help Center articles that navigate users away and cause significant drop-off. My goal was to leverage these educational components across various security experiences to build a comprehensive system, repurposing proven patterns that keep users engaged in their current flow rather than losing them to external documentation.
The P0: 2SV Onboarding Entrypoint
After socializing this concept across various PMs and engineering leads, the user benefit that these changes would provide was overwhelmingly clear to the team and to leadership. With Secure by Default's timeline quickly approaching, we knew that we needed to launch something quickly.
I collaborated with product and engineering partners to define a P0 MVP focused on the 2SV onboarding entry point – the core of my redesigned Security Settings tab. Together, we outlined a phased approach to incrementally roll out the guided experience and improve users' security states.
P0 project outcomes
1 month post-launch
25% increase in 2SV adoption
40% lift in users adding sign-in methods