Nowadays, it really rolls out the key to thwart the employee phishing at Google is one of the actual keys.
According to the latest report, the company will start using the physical USB-based security keys in the early of 2017, and since then not any of its 85,000-plus employees have been phished on their work accounts. Though the keys always serve as a substitute to two-factor authentication process in which the users will log into a website by using a password and login details and then have to enter an additional one-time code which is generally sent to your phone number via text or an app.
Recently, one of the Google representatives in a post told that the security keys are always used for all those account access at the company.
The representative also told that the company had no confirmed or reported account takeovers while executing the security keys at the Google. Some users might be asked to authenticate only by using their security key for many other apps or reasons. But it completely depends on the sensitivity of the app and also the risk of the user then.
By 2017, the Google employees were always used one-time codes which are generated by the Google Authenticator app, according to the sources. Although a security key that retails for as little as $20, uses a version of multi-factor authentication which is called as Universal 2nd Factor (U2F). The U2F always allows the users to log in by inserting the USB device and also by pushing a button on it. When the device is linked to a definite site, then users don’t need to enter their passwords.
However, more sites are adopting the U2F authentication, but currently, a small number is supporting it, such as Facebook, Dropbox, and Github. It is also supported by some browsers including the Chrome, Firefox, and Opera. Microsoft will reportedly update its Edge browser only to support U2F later this year.
Marshall Lyne is a self-professed security expert; he has been making the people aware of the security threats. His passion is to write about Cyber security, cryptography, malware, social engineering, internet and new media. He writes for Norton security products at Webroot Support.
According to the latest report, the company will start using the physical USB-based security keys in the early of 2017, and since then not any of its 85,000-plus employees have been phished on their work accounts. Though the keys always serve as a substitute to two-factor authentication process in which the users will log into a website by using a password and login details and then have to enter an additional one-time code which is generally sent to your phone number via text or an app.
Recently, one of the Google representatives in a post told that the security keys are always used for all those account access at the company.
The representative also told that the company had no confirmed or reported account takeovers while executing the security keys at the Google. Some users might be asked to authenticate only by using their security key for many other apps or reasons. But it completely depends on the sensitivity of the app and also the risk of the user then.
By 2017, the Google employees were always used one-time codes which are generated by the Google Authenticator app, according to the sources. Although a security key that retails for as little as $20, uses a version of multi-factor authentication which is called as Universal 2nd Factor (U2F). The U2F always allows the users to log in by inserting the USB device and also by pushing a button on it. When the device is linked to a definite site, then users don’t need to enter their passwords.
However, more sites are adopting the U2F authentication, but currently, a small number is supporting it, such as Facebook, Dropbox, and Github. It is also supported by some browsers including the Chrome, Firefox, and Opera. Microsoft will reportedly update its Edge browser only to support U2F later this year.
Marshall Lyne is a self-professed security expert; he has been making the people aware of the security threats. His passion is to write about Cyber security, cryptography, malware, social engineering, internet and new media. He writes for Norton security products at Webroot Support.
Source: Corenewss
No comments
Note: only a member of this blog may post a comment.