Google to introduce improved account security service in wake of high-profile hacks
Would you carry around two USB keys?By Rob Thubron
Amid the ongoing Russian hacking investigations and fallout from the massive Equifax breach, Google is about to introduce a new service that improves upon its two-factor authentication system --- but it might not be available to everyone.
Citing two people familiar with the matter, Bloomberg reports that Google will launch its Advanced Protection Plan next month. The product will be marketed toward corporate executives, politicians and other high-profile figures with heightened security requirements. Whether it will also be available to 'regular' users is unclear.
Google introduced support for universal 2nd factor (U2F) USB security keys back in 2014 (Facebook, Dropbox, and Salesforce also offer support). It improves security by requiring a dongle be inserted into a computer --- along with a standard password --- to access Google accounts such as Gmail. The method removes the need to type in codes from a phone and offers better protection from phishing sites.
The upcoming Advanced Protection Plan builds on this system by requiring a second physical hardware key in addition to the USB security key. Only when both devices have been detected will a Google account unlock.
The new security plan doesn't stop there, though. Not only will the service block all third-party programs from accessing customers' Google Drive files, but it also offers regular security updates for keeping information secure using the most up-to-date methods.
It was recently revealed that accountancy giant Deloitte was another firm to have fallen victim to hackers. Its global email server had been compromised via a password-protected administrator account that didn't use two-factor authentication.