Sometimes Google takes a heavy-handed approach to security, but it’s also widely accepted that their heart is in the right place. That seems to be the case with the company’s most recently announced change.

In the near future, the search giant is going to start pushing Gmail and Google account holders to use two-factor authentication (2FA) by automatically enrolling them in those services.

If you decide you really don’t want to bother with two-factor authentication, and thus make your account easier to hack and less secure, then you have to opt out of 2FA rather than having to jump through a few initial hoops to opt in.

Although there will no doubt be a vocal minority of users who will complain mightily about the change, the simple fact is that bad password habits are the single biggest threat to internet security. Human beings are the weakest link, and invariably, they pick passwords that are incredibly easy to remember. That unfortunately, also makes the accounts they guard very easy to hack.

That’s not just idle talk, either. According to statistics gathered by Microsoft, 99.9 percent of the compromised accounts they track every month did not use multi-factor authentication That is another way of saying that 2FA simply works if the goal is to make user accounts more secure.

If you have a G-Mail account or use other Google services, know that the change is coming. Even though it takes a few seconds longer to log in, do yourself a favor and go with the change. It will absolutely make your account more secure, which will mean significantly less risk for you. That’s a good thing.

Grumbles aside, kudos to Google for taking a step that may be unpopular in the short run, but which is undeniably a very good thing in the long run.