Google plans to upgrade two-factor authentication tool after high-profile hacks

Illustration by Alex Castro / The Verge

Google plans on upgrading its two-factor authentication tool with an improved, physical security measure aimed at protecting high-profile users from politically motivated cyberattacks, according to a report from Bloomberg. The new service, to be called Advanced Protection Program and potentially slated to launch next month, will trade out the standard authentication process for services like Gmail and Google Drive with physical USB security keys. The service would also restrict the types of third-party apps and services that could connect to a user’s Google account.

The changes are not likely to affect standard Google account owners, as Bloomberg reports that Google “plans to market the product to corporate executives, politicians and others with heightened security concerns.” Following the 2016 hack of Clinton campaign chairman John Podesta’s Gmail account, which was the result of a phishing attack with links to the Russian government, Google began looking into measures that would improve security for users in possession of sensitive material and those in a position of political prominence. The new physical security keys, which will require users keep them plugged in to access the additional security controls, should make it more difficult to remotely gain control of someone’s Gmail or Google Drive account.

Related Post