Google, a subsidiary of Alphabet Inc., plans to implement the Advanced Protection Program next month according to a report from Bloomberg. This is a system designed to fully replace two factor authentication and is seen as much more secure. It is specifically going to be marketed at those with security concerns, such as corporate executives and politicians. This comes in the wake of John Podesta, Hilary Clinton’s 2016 campaign chairman, being hacked (phished) and having his Gmail-provided emails leaked during the last US presidential campaign.
Said to improve on existing security measures, Google will be releasing a security USB for use with accounts. Google has already released similar software for a USB Security Key 2014. It is designed to replace the standard method of two factor authentication.
Accounts with these security features will require a USBs to be plugged in to log in running Google’s USB security software as well as a second physical key for greater protection. As part of the package, Google will block access to a user’s personal information, including emails and Google Drive, from all third party applications. The plan for Google is to upgrade the device periodically to introduce new security features and continue to protect user information.
This news comes during a time where security should be at the forefront of many of our minds. Google has started to send out emails when users may be the aim of a state sponsored attack, along with information if someone is attempting to phish them. It is fair to say however that for 99% of use cases a two factor authentication SMS code is enough security. It is highly unlikely people will be able to get access to your phone if you are being hacked online. Still it’s great to see Google stepping up their security and putting the needs of their users first.