Toggle light / dark theme

Google Employees’ Secret to Never Getting Phished Is Using Physical Security Keys

Posted in policy, security

If you’ve been hacked in recent years, odds are you fell for that perfectly crafted phishing message in your email. Even the most mindful individuals can slip up, but Google’s employees have reportedly had a flawless security record for more than a year thanks to a recent policy requiring them to use physical security keys.

Krebs on Security reports that in early 2017, Google started requiring its 85,000 employees to use a security key device to handle two-factor authentication when logging into their various accounts. Rather than just having a single password, or receiving a secondary access code via text message (or an app such as Google Authenticator), the employees had to use a traditional password as well as plug in a device that only they possessed. The results were stellar. From the report:

A Google spokesperson said Security Keys now form the basis of all account access at Google.

Read more

Leave a Reply