Skip to main content

Google’s new Advanced Protection Program could replace two-factor codes

google advanced protection program hardware keys gmail on macbook dark
In the never-ending battle with hackers and crackers around the world, Google is looking to improve the security of its users beyond current two-factor authentication practices. According to one reported rumor, the search giant is planning to introduce a new hardware solution called its “Advanced Protection Program.”

Having good personal security is a major part of keeping yourself safe online. Having a strong password is part of it, but two-factor authentication is considered far safer than a passcode alone. Bloomberg’s report though, suggests that Google may have developed something even safer: hardware ‘keys.’

The system makes use of twin USB devices termed security keys. These would act as their own secondary identifying marker, thereby only letting you log into your Gmail account or equivalent by inserting them into the system you wanted to use. Reportedly you’d need to use both to log in, effectively making it three-factor authentication.

The big advantage of a system like this rather than using your phone is that they are far less conspicuous. Although smartphones have their own security, hackers targeting a high-profile individual would know to go after their smartphone — a device that features remote access — in order to steal their identity. It’s much harder to gain access to a physical device which has no wireless connectivity.

Another big part of the new Advanced Protection Program is that it prevents any third-party applications from accessing your data. Although that’s quite an extreme measure, it’s designed to cater to politicians and executives who should value security over ease of use for sensitive data. One cited example in Bloomberg’s report is the hack of the Democratic National Committee emails in 2016, which could potentially have been prevented with improved security from some of those who had access to them.

It’s not clear as of yet if Google will offer this new security system to everyone, or if it will simply market it privately to business heads and politicians. If it proves popular, however, it wouldn’t be a surprise to see this sort of service appear for other providers in the future.

Whatever it ends up becoming, Google’s new Advanced Protection Program is expected to debut within the next month.

In the meantime, if you need help improving your security, consider a password manager.

Editors' Recommendations

Jon Martindale
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
Apple won't force two-factor authentication, but you should use it anyway
ios security guide

Although language in an email Apple sent out to MacOS users seemed to suggest that two-factor authentication would become the default security setting for the new version of the operating system, the company has now denied that that's the case. While it still recommends users make use of the additional security offered by such a system, it will only enable it automatically for those who already used it on the previous version of the OS.

Following an email from Apple that did the rounds earlier this week, which stated that if users met certain "basic requirements," that they would be "automatically updated to use two-factor authentication," many publications reported that Apple was forcing the standard on people. However, Apple has now clarified that those "requirements" included already having opted in for two-factor authentication.

Read more
Better late than never: Nest adds two-factor authentication to protect device
A nest thermostat on a wall with the heat setting activated.

Your smart thermostat knows an awful lot about your home and now, you're going to be able to rest a bit easier knowing that information is better protected. On Tuesday, Nest finally announced support for two-factor authentication, promising a "new layer of security" that will help your private information stay private.

You're probably familiar with two-factor authentication: It's a popular security measure that requires not only your password but your phone as well to access an account. So how will it work with Nest? In order to actually activate two-factor authentication, you will need to make your way over to the Nest app, tap the menu icon that appears at the top left of your screen, then find the category Account Security. There is now a new option to activate “2-step verification.” Once you've enabled it, you'll need to re-sign in. As the company explained in a blog post, "The first time you sign into your Nest Account after activating two-factor authentication, you will type in your email and password as always, but then you’ll get a text with a verification code. Enter the code and you’re set."

Read more
Two-factor security is the best lock for your digital life, but it’s not perfect

Two-factor authentication has become something of an online security buzzword over the last few years. Most of us have logged into one service or another only to be presented with a message urging us to implement this form of our protection on an account.

But two-factor authentication isn’t some silver bullet capable of stopping hackers in their tracks. It’s a useful countermeasure to have among your defenses, but ultimately, it’s no substitute for a working knowledge of the biggest threats we face online.

Read more