It’s not easy being an internet user these days. After finally getting the hang of how to properly protect online accounts it turns out that not even strong passwords are enough anymore. And seeing how easily security flaws – such as Meltdown and Spectre – had brought the entire world to heel, it’s absolutely not surprising that people have had enough of passwords.
Thankfully, online services and big tech corporations have heard the pleas of users and have given the world biometric authentication – the most convenient alternative to passwords – and incredibly useful functions like two-factor authentication (2FA) that completely protects the password process. Although nowadays biometric authentication is in fashion, it’s actually with two-factor authentication that Google, a company known for making questionable choices regarding user privacy, has reached a breakthrough.
Enter Google Advanced Protection Program, the next evolutionary step towards the complete protection of our online privacy.
Google Advanced Protection in a Nutshell
You may be wondering what use Google Advanced Protection is if Google already has the Google Authenticator app, a temporary passcode generator that is loved by many and widely considered to be infallible. But sadly, Google Authenticator and the like only seem safe on the surface. As these created passcodes are sent over the internet, they can be intercepted by more cunning hackers as easily as simple passwords.
Google Advanced Protection, available to the general public as of October 2017, is a more advanced form of two-factor authentication, replacing those temporary codes with a security dongle using the FIDO Alliance protocol, such as the Feitian MultiPass FIDO security key and the YubiKey FIDO U2F USB security key. This means that each time users want to access their Google accounts they are required to connect the special dongle to the device the login is made from – either physically through a USB port or via a Bluetooth connection.
Simply put, if the dongle is not paired to the right device and the special button on that key is not pressed then the login process is terminated and access to the Google account is blocked.
Advantages and Disadvantages
At first this doesn’t sound too revolutionary, since USB keys have already been used in multiple ways for verification purposes. However, the strength of Google Advanced Protection lies below the surface.
The moment this reinforced online protection is turned on, nobody else but you can access your Google account; as a matter of fact, anyone daring to steal Google account data will face an impenetrable wall of defense. In addition to that, all incoming data has to go through Google’s special malware scanners, meaning that documents containing viruses or phishing emails won’t even have the chance to appear before you. And if that’s not enough, accounts with Google Advanced Protection will automatically deny permission from third party services to access the user’s data.
Still, even if Google’s Advanced Protection Program is something to be praised, there are a few very serious problems with the concept. First, the dongles cost around $20-$25 and losing them could cause a major headache. Second, since files have to go through Google’s malware scanners, the attachments are withheld by a whole minute. And since third party apps and services can’t access your Google data, you are forced into using the Google equivalent of those applications – which is a huge blow to iOS users in particular.
Maybe Try This First
Don’t get us wrong, it’s good to see that big corporations are finally taking the protection of our online privacy seriously. And the fact that it’s Google that has come up with this advanced authentication method shows that we’re on the way towards achieving a truly safe cyber space. However, in its current state Google Advanced Protection seems like overkill for the average internet user: for them a password manager is more than enough for a number of reasons.
The most important reason is that a password manager requires the user to memorize only one password, the master password that is used to access the encrypted vault where all other passwords are stored. These passwords can then be easily replaced with unbreakable ones – none of which need to be remembered – thanks to the built-in password generator. And, if you want extra protection for your online accounts beside those strong passwords, you can still use two-factor authenticator apps for effectively protecting your online identity and the password manager’s own vault.
Best Password Managers of 2018