Worried About Phishing, Use These Inexpensive Tried And Tested Devices By Google>
Value Walk – Aman Jain
Phishing attacks are a big concern for companies nowadays, but for Google, which has about 85,000+ employees around the world, itâs no problem at all. The search giant has found a cost-effective but efficient solution against phishing â Security Keys. Google told KrebsOnSecurity that none of its employees have been successfully phished since early 2017, when the search giant made it compulsory for all the employees to replace passwords and one-time codes with the physical Security Keys. Security Keys are an alternative to the two-factor authentication (2FA). In 2FA, a user needs to log into a website using their password, and then authenticate again using their mobile device. On the other hand, using Security Keys is comparatively easier and quicker as they are USB-based devices that just need to be plugged in. A Security Key is based on multi-factor authentication (also called Universal 2nd Factor or U2F), where the login process is completed just by inserting the USB key and clicking the button on the device. A Google study in 2016 found that text-message or the app-based two-factor authentication had an average failure rate of 3%. The security key system (also called U2F) was found to have a 0% failure rate. Yubico is a popular manufacturer of Security Keys, which starts at $20. The more expensive version of the hardware comes with support for a smartphone or a USB-C port. Anyone can easily buy such keys online via Amazon and other retailers. Further, the tech industry is working on new login standards to make such USB keys universally accepted. In fact, many developers are favoring hardware security keys to authenticate the softwareâs validity. Major password managers â such as Keepass, LastPass, Dashlane â also support U2F.
Link: https://www.valuewalk.com/2018/07/phishing-inexpensive-google-devices/