Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Plans Upgrade of Two-Factor Authentication For Politicians and CEOs (theverge.com)

Posted by EditorDavid on from the phishing-the-famous dept.

An anonymous reader quotes the Verge: Google plans on upgrading its two-factor authentication tool with an improved, physical security measure aimed at protecting high-profile users from politically motivated cyberattacks, according to a report from Bloomberg. The new service, to be called Advanced Protection Program and potentially slated to launch next month, will trade out the standard authentication process for services like Gmail and Google Drive with physical USB security keys. The service would also restrict the types of third-party apps and services that could connect to a user's Google account.

The changes are not likely to affect standard Google account owners, as Bloomberg reports that Google "plans to market the product to corporate executives, politicians and others with heightened security concerns."

3 of 92 comments (clear)

  1. FIDO U2F keys? by Anonymous Coward · · Score: 3, Informative

    Google already supports FIDO U2F keys, such as yubikey, that you can use instead of their google 2FA app.

    How is this news?

  2. Re:We're not worthy by SlaveToTheGrind · · Score: 4, Informative

    Well, the USB key has been available for well over two years now -- for less than $20.

    And what makes you think you wouldn't be able to buy the rest of the new security package if you wanted to (a) pay the going rate, just like above, and (b) live with the restrictions re third-party app access? TFA (which is basically somewhat educated rumor-mongering anyway) simply says it would be marketed to high-profile users, not that it would be restricted to them.

  3. Re:We're not worthy by Anonymous Coward · · Score: 2, Informative

    do you think they'd be doing this if it was Trump's Campaign Manager that got hacked, and Clinton had won the election? Would that story even spend any time in the media if that was the case?

    Google is addressing problems with their service. I think they would have done so if it was Trump as well. I'm not convinced any of it is partisan on their part. The better authentication is probably something they will sell to others if there is enough demand. Personally if you want security I seriously suggest you use a separate program to encrypt your emails before handing them over to google. That way, even if they are vacuumed you have another layer of encryption such that only the sender and the recipient can get at them assuming you have preshared public keys securely, such that you at least know they are unchanged.

    Of course had Hillary done that it would be proof to the right wingers of pizzagate or some other bs.