'Google Just Made Gmail the Most Secure Email Provider on the Planet'

Google announced on Tuesday that it would offer stronger online security for "high risk" users who may be frequent targets of online attacks. The company said anyone with a personal Google account can enroll in the new "advanced protection," while noting that it will require users to "trade off a bit of convenience" for extra security. Motherboard reports: The main advantage in terms of security is the need for a key or token to log in as the second factor, instead of a code sent via SMS or via app. This is much better because there's no way for hackers to steal or phish this key from afar (there have been isolated incidents of hackers using social engineering to gain access to someone's cell phone number by getting the provider to issue a new SIM card, for instance). Thanks to these new features, Gmail is now the most secure email provider available on the internet if you are worried about hackers breaking into your private correspondence. "This is a major step in the right direction in offering the same kind of protection available to high-profile figures to everyday people," Kenneth White, a Washington D.C. based security consultant to federal agencies, told Motherboard. "They have really thought this through, and while it may not make sense for everyone, for those that need it, it's a much needed option."

I want even less security

somehow I wish the reverse, I hate it google block me access to their web site everytime I change my location, I would like to somehow turn off whatever they had till now. As a user want to have the choice to access my email account as it fits to me, from whenever I want to, is missing with Google.

For a given value of secure

Is it secure from Google?

Re: It's the same tool my identity theft plan uses

Doesnâ(TM)t matter. Their keys are used by other providers already. A friend of mine uses Auth-Anvil as a two-factor for his service which includes email access.

The most secure system is to host it yourself, and encrypt the contents with a key you only have access to.

Chrome only...

[mrsam]

I skimmed Google's write-up of their new offering, and was seriously considering looking into this. I bear no delusions of self-grandeur, or that anyone would have any reason to be interested in sorting through all the confirmation e-mails for the coffee I buy off Amazon; but I do have some key data tied up in the Googleverse, and the cost of an extra keyfob would not exactly break the bank. However, then I came to this:

Google services on the web

You will only be able to use the Chrome browser to access signed-in services like Gmail or Photos.

That breaks the deal for me, since I don't use Chrome, and it would not be convenient for me, for a few reasons. I can't really think of any valid technical reason why this results in any actual security, unless Chrome pins Google's CA; but the same thing can be done in any other browser too.

Re:what if I phish your password?

Hi sir! Please enter your password: ___________

Hi sir! Please also enter your key _________ ....?

Profit!

They did?

[JohnFen]

So they're now encrypting all the emails being stored on their servers and don't hold the key themselves?

Because if they're not doing that, then they're not anything close to "the most secure email provider on the planet".

Not by a long shot

[Troed]

I just switched from Gmail to ProtonMail because I wanted the most secure email provider. This little feature change by Google does nothing to change any of the important factors - one being that with ProtonMail all my emails are stored using client side encryption.

You cannot, ever, trust a US company where National Security Letters come into play.