Today, Google rolled out a new program called Advanced Protection for personal Google accounts, intended to provide much higher account security to users of services like Gmail and Drive who are at a high risk of being targeted by phishers, hackers, and others seeking their personal data.
The opt-in program makes Google services much less convenient to use, but it’s built to prevent the sorts of breaches that have been making recent headlines.
Examples of users who could benefit include journalists, politicians, and other public figures who may be running up against hostile actors with considerable resources—and also for private individuals in dangerous situations, like those escaping abusive relationships.
In its blog post announcing this program, Google specifically named “political campaign managers,” which harkens back to the breach of Hillary Clinton Presidential Campaign Chairman John Podesta’s e-mails, which led to a release from WikiLeaks that may have played a significant role in the US presidential election last year.
And yes, Podesta could have avoided that particular breach had he been using this new program.
That’s because the Advanced Protection Program goes beyond digital two-factor authentication by requiring a physical security key in addition to your password to log in.
This isn’t a new idea, of course, even on the consumer side of things.
Facebook has offered something similar, and even video game company Blizzard has offered one to gamers who want to protect their World of Warcraft accounts for years. In this case, the security key is a USB stick or wireless Bluetooth device that works with FIDO Universal 2nd Factor (U2F).
Read 2 remaining paragraphs