To stop phishing, Google gave security keys to all employees | News and opinions



[ad_1]

How does Google prevent its employees from being hacked? By using hardware, anyone can buy: USB security keys.

  SecurityWatch

In 2017, the company began distributing physical security keys to 85,000 employees. And since then, no employee has reported repurchases of confirmed business accounts, Google said Monday.

The news, which was reported by security journalist Brian Krebs, shows how a physical security key can prevent your online accounts from being violated. It's often enough to protect your account with a password. Hackers can sometimes guess them, or they can use a phishing email to trick you into giving them up.

However, a security key provides a level of protection that can prevent the best hackers from infiltrating your accounts. It works like this: Any computer that tries to connect will need the password and the physical key.

Security experts call this two-factor authentication, in which you need the password and another account. The largest Internet services, such as Google, Facebook and Twitter, already offer this security solution and you can use it for free

  YubiKey Neo

The only difference is that this two … Factor authentication is usually used with a password and a special code generated on your smartphone. Trying to hack someone with this security setup is not easy, but it can still be done.

Imagine a hacker who has your phone number. It could try to fool you by giving up unique special codes generated on your smartphone. Other hackers were able to break the two-factor authentication by spying on a cellular network and intercepting SMS messages loaded with special codes.

A physical security key solves this problem by introducing hardware into the equation. The password and special codes are all digital, making them easy to send and copy. A USB security key, on the other hand, is not. To enter your account, an attacker must not only know your password, but personally, he must steal your security key. This probably explains why Google employees have been so difficult to phish.

If you are in the market for a security key, the most popular manufacturer is Yubico, who offers them starting at $ 20. The most expensive models can be used to connect with a smartphone or a USB-C port.

Not all sites support USB security keys, but the biggest services include Google, Facebook, Dropbox and more recently Twitter. The entire technology industry is also working to roll out new connection standards that will help make key support universally accepted.

If you have a limited budget, two-factor authentication is always recommended. But it's a good idea to generate the special codes that you will receive via an authentication application, instead of sending them via SMS.

[ad_2]
Source link