![]() It's a good idea to perform a security check-up regularly, and Google makes that easy. The use of a security key is mandatory if you are enrolled in the Advanced Protection programme at Google, for accounts that are at a greater risk of targeted attack.Ĭonsider how the Google ecosystem wraps multiple aspects of your online life by collecting all kinds of data (opens in new tab) – email, web, personal assistants, the list goes on – and that means access to your core account is a highly prized target for cyber criminals.Īccess to your Google account gives access to Gmail, which gives access to password resets, which gives access to, well, almost everything. These keys are either of the hardware variety, such as a YubiKey or Google's own Titan key (opens in new tab), but can also come built into your smartphone. The final option is the most secure, but can be expensive and more intrusive on the user experience: a security key. You will also get a set of ten-digit single-use codes that you can store somewhere safe as another backup for signing into your account in an emergency. ![]() We recommend using both: one as your default and the other for those times when that option isn't available to you for whatever reason. There’s also the use of authentication codes churned out by Google Authenticator. This avoids the SIM-swap vulnerability by requiring an attacker to be in possession of the device. The second option involves Google prompts being sent to another device you're signed in on. It’s better than nothing, again, and most people won't enter the threat radar where such an attack is likely anyway. The first is by voice or text message, which we wouldn’t recommend as it's the easiest option for a cyber criminal to overcome thanks to the relative simplicity of a SIM-swap attack.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |