Administrative-level users of Google Ads accounts can now implement an authentication policy for all users who have access to the account. Google announced Monday that the feature is rolling out now.
When the feature is enabled, users must have their own Google accounts enrolled in 2-Step Verification in order to log in to the Google Ads account. It provides a second layer of authentication for added protection against hackers.
If an account has not set up 2-Step Verification, the user will get an authorization error.
This only affects logins to the web user interface; it does not apply to AdWords API or Google Ads API Beta access.
Google has a separate program that provides login security for higher-risk accounts, like those of journalists, political teams and other high-profile people who may be subjected to targeted attacks. The program is called the Advanced Protection Program, and users can register their Google Ads accounts with that program instead.
If you are the administrative owner of a Google Ads account, you will see the option to require multi-factor authentication in the Account Access section of Tools in the Google Ads interface when it rolls out.