[ad_1]
It turns out that since the beginning of the year 2017, the some 85,000 employees who work in Google 's facilities have not suffered any damage. Phishing attacks. The reason? The USB key in each pocket.
Apparently, and as explained in Krebs on security, Google started using USB-based physical security keys in early 2017 and since then none of its employees have been victims of attacks on their work accounts.
Keys serve as an alternative to two-factor authentication, in which users log in to a website first with the help of a password. then enter a unique additional code that is usually sent to the phone by SMS or application. . As a representative of the company explained to Krebs on security:
They are used to access all the accounts of the company, and we have not had any cases of Usurpation since we put these security keys in place. Users could be asked to authenticate using their security key for a variety of reasons. It all depends on the sensitivity of the application and the risk of the user at that time.
By the way, before 2017, company employees used point codes generated by the Google Authenticator application. However, everything changed with the arrival of a security key using an authentication version called Universal 2nd Factor (U2F).
U2F allows users to connect by inserting the USB device. Once the device is linked to a specific site, users no longer need to enter their password. [Krebs on Security vía Cnet]
Source link