It’s World Password Day and Google is marking the occasion by pointing out how passwords alone aren’t enough to secure your accounts and data. The company’s placing a bigger emphasis on two-factor authentication (which it calls two-step verification or 2SV) by activating it on Google accounts by default.

People who have set up 2SV will be asked to confirm the right person is signing in to an account by tapping a prompt on their phone. The company says it will soon start switching on 2SV for everyone automatically, as long as their Google account is set up in the right way. You can check whether that’s the case for you through the Google account Security Checkup. You’ll have the option to opt out, but that’s perhaps not the best course of action.

This is an expansion of an authentication feature Google has had for a while. It might ask you to confirm your identity with an Android prompt or through the Smart Lock, Gmail or Google app on iPhone, as long as you’re signed into the same account. Tapping a prompt is certainly easier than having to punch in a code and Google says it’s more secure than other 2SV methods. Although this only works for Google accounts, it’s highly recommended to turn on two-factor authentication on every account that supports it.

Passwords aren’t entirely a thing of the past, though. In a blog post announcing the 2SV change, Google noted that it has a secure password manager for Chrome, Android and iOS that can autofill your login details on sites and apps. Google’s password manager isn’t necessarily the one we’d recommend, but it’s free, easy to use and far better than not having one at all.