Phishing and password theft are perennial threats for all businesses around the world. The introduction of 2-factor authentication, where you have your password and something you possess (such as a USB stick) to confirm who you really are has gone a long way to improving safety.
The most common 2FA method is for a code to be sent to your phone after you put in your username and password. Unfortunately, this is susceptible to hacking and interception by various means.
Now Google has made it simpler for you to use your phone as the second part of your 2FA process when using their accounts. Remember that Google has a pretty large workforce, some 85,000 worldwide, and has been employing 2FA for a couple of years now as company policy. They report that no employee has been the victim of a phishing attack at work since its implementation.
How Does a Phone Security Key Work?
The new security key is available for all Android 7 devices and above. All you need to do is sign up to use your phone as the security key in place of something like a USB and then you just follow the prompt when you enter your username and password. Because most of us tend to carry our smartphones around with us at all times, it’s a more practical solution than a USB stick and safer than a traditional code key.
If your business uses Google a lot and you want even more protection, you can go a step further with the company’s Advanced Protection Program which provides additional support to stop hackers getting hold of your details.
There’s no doubt that hackers are becoming increasingly sophisticated in the ways they try to access accounts and it’s important to be wary and keep up with the latest security developments. That means having a strong password protocol in the first place that is utilized by all staff and including 2 step verification with an additional security key, whether that’s via your Android phone or some other method.