Maybe you’ve heard of Google’s “Advanced Protection” program. Maybe you haven’t. Either way, we’re going to talk about what it is, who should use it, and how to enable it. Let’s go.
What is Google Advanced Protection?
Google Advanced Protection (GAP) is basically two-factor authentication (2FA) on steroids. It uses 2FA as part of the process, but it requires two security keys instead of just one—something like Google’s Titan Key bundle is perfect because one wireless key and one USB-only key is recommended for GAP.
The second key is more of a failsafe so your account is still protected should something happen to the first one. This is something that anyone can add to their Google account—you don’t need GAP to use two security keys. Again, the Titan Bundle is a perfect example of how this works in practice.
Beyond that, GAP also limits third-party access to your Google account. While you can use your Google account to sign into some sites, this type of access is limited to “Google apps and select third-party apps,” which helps protect your data from potentially fraudulent activity. It can also make things a hassle if you use your Google account to log in to a lot of third-party services. Can’t win ’em all, I guess.
Lastly, GAP enables extra security measures to safeguard your account from potential hijackers. While unlikely, the most determined of account thieves can attempt to steal your account by simply pretending to be you. With GAP enabled on your account, extra steps are put in place to help prevent this—even if you lose both of your security keys. This means Google will require additional information from you to gain access to your account, which “will take a few days for Google to verify it’s you.” So…try not to lose your keys.
Who is Advanced Protection For?
Now there’s the big question. With all these extra layers of security and, let’s be honest here, major inconveniences, it’s clear that GAP isn’t for everyone. In fact, it’s probably not even for you.
Google’s intent with Advanced Protection is to safeguard “the personal Google Accounts of anyone at risk of targeted attacks—like journalists, activists, business leaders, and political campaign teams.” In other words, people who are more likely to be targeted and have something to lose when attacked. Or people who attackers have something to gain by, um, attacking.
If you’re not one of those people, the odds are you don’t need to enable GAP. It’s just overkill for most users—for most people, just using 2FA is enough. And like I said earlier, you don’t have to use GAP to add security keys to your Google account, so that’s a good idea too.
Read the remaining 31 paragraphs
Source: How-To Geek