Friday, 16 November, 2018


Google Leverages Hardware Security Keys To Protect Employees From Phishing Scams

Image Yubico Image Yubico
Melba Vasquez | 25 July, 2018, 20:36

Google has successfully kept more than 85,000 employees from getting phished on their work-related accounts since 2017.

Google says that they have not had a single successful phishing attack for about 18 months following the introduction of physical security keys.

While one time codes are popular - for example, many banks use them to authenticate online transactions - they can be intercepted by determined thieves by using techniques such as SIM spoofing.

For those unfamiliar with such devices, they are basically USB sticks that when plugged into a computer will authenticate the user using it.

Two-factor authentication is better than using only a password, but it has its own issues.

In brief: We know that multi-factor authentication is an excellent way of protecting yourself from phishing attacks, and its most effective form is security keys.

The low-priced items do away with the need for passwords or one-time codes sent by SMS, which have been previously hijacked to attack organisations around the world, with a different way of ensuring two-factor authentication (2FA).

Google took this one step farther in early 2017, and required all employees to start using a security key, according to Krebs.

Despite still being a key that users could lose or misplace, security keys such as those produced by Yubikey have always been touted as a more secure option for workplace sign-ins and security. They work with Chrome, Firefox, and Opera browsers. In both Firefox and Quantum (the newer, faster version of Firefox), U2F is not enabled by default. Trying to hack someone with this security setup isn't easy, but it can still be done. This is something that Google deals with a lot because its employees have access to a wealth of valuable information. Microsoft will update Edge later this year for support and there is no word on if Apple will support it.

Google's advanced protection features include an option to require a physical USB security key to connect to a desktop computer before each log-in as a way to verify a user's identity. Apple hasn't announced any plans on whether or not its standard Safari browser will support U2F. He could try to trick you into giving up the special one-time codes generated over you smartphone. Google has worked with various industry groups, such as the FIDO Alliance, to develop security key technology called U2F.

In general, using SMS and automated phone calls to receive a one-time token is less secure than relying on a software token app like Google Authenticator or Authy.

Recommended

loading...
...

Are iPhone Download Speeds Actually Slower Than Android? Are iPhone Download Speeds Actually Slower Than Android? If you happen to own a Samsung or Google device a new report breaking down smartphone internet speeds should make you very happy. Following closely is the Google Pixel 2 , which offers 34.4Mbps, and the Pixel 2 XL which offers speeds of 33.9Mbps.

Hearing continued for pizza deliveryman facing deportation Hearing continued for pizza deliveryman facing deportation A federal judge had previously blocked his deportation on 11 June after immigration officials had requested an expedited removal. The U.S. government, which had wanted the case moved from NY to New Jersey, did not immediately comment on the judge's action.

FCA's Sergio Marchionne dies at 66 FCA's Sergio Marchionne dies at 66 In a statement , John Elkann, chairman of the controlling Agnelli family said: "Unfortunately, what we feared has come to pass. In 1994, Marchionne joined Alusuisse Lonza Group Ltd. after the Swiss chemical and pharmaceutical company acquired Lawson.

Gary Sanchez Admits He Should Have Hustled On Last Out Gary Sanchez Admits He Should Have Hustled On Last Out If Sanchez had sprinted out of the batter's box, he might have reached first, allowing Aaron Judge to score the game-tying run. He hit a hard ground ball up the middle, where it was corralled by the Rays' second baseman Daniel Robertson.

Donald Trump’s Walk Of Fame Star Destroyed Again He was sentenced to three years probation, 20 days community service and ordered to pay $4,400 (£3,300) for the damage. Tump was honored with his star in 2007 during his run on NBC's television show Apprentice.

Dogs dash to comfort upset owners, study shows Dogs dash to comfort upset owners, study shows Those dogs showed the most stress and were too troubled by the crying to do anything, Sanford said. The owners were asked to either hum Twinkle, Twinkle Little Star or pretend to cry .

French investigators raid home of French President Macron's bodyguard French investigators raid home of French President Macron's bodyguard The shocking attack by Alexandre Benalla was caught on camera and is sparking a major political crisis for the French leader. Both men were charged Sunday with assault, while Benalla is also charged with impersonating a police officer.

Who Can Doubt Fit Daniel Sturridge, Asks Jurgen Klopp Who Can Doubt Fit Daniel Sturridge, Asks Jurgen Klopp That's what we will do again. "We're not in doubt - and nobody was ever in doubt - about his quality", he told liverpoolfc.com. In fact Klopp leads his side to success over rivals City in the final with Mo Salah's extra time penalty giving them the win.

Singapore personal data hack hits 1.5m, including PM Lee Singapore personal data hack hits 1.5m, including PM Lee SingHealth said no phone numbers, financial information or other patient medical records were illegally accessed. However, authorities have put the brakes on these plans while they investigate the cyberattack .

SpaceX launches Telstar 19 Vantage for Telesat The landing marks one of the first landings and launches of the company's newest, upgraded Falcon 9 rockets , called Block 5. Basically, this means the booster will find its way home to land at a selected site a few miles from where it launched.

Trump finds it 'inconceivable' lawyer would tape a client Trump finds it 'inconceivable' lawyer would tape a client A self-described fixer for Trump for more than a decade, Cohen said past year he would "take a bullet" for the president. A self-described fixer for Trump for more than a decade, Cohen said a year ago he would "take a bullet" for Trump.

Tour de France halted; riders inadvertently tear-gassed Tour de France halted; riders inadvertently tear-gassed Spanish rider Gorka Izaguirre finished second, 15 seconds behind, and Yates crossed third with the same time. Tour director Christian Prudhomme condemned the farmers' action and demanded more respect for riders.

India Willing To Address Trade Deficit With Uganda: PM Modi India Willing To Address Trade Deficit With Uganda: PM Modi Prime Minister praised the Indian community for their contribution in development of Rwanda and for their community service. Modi also recalled his trip to Uganda as Gujarat chief minister in 2007 and said the memory of that visit was still afresh.

$512 Million Mega Millions Jackpot Numbers Announced $512 Million Mega Millions Jackpot Numbers Announced Do demographics determine who buys tickets? Worth nothing is that the Powerball jackpot also remains at $147 million. No one hit the jackpot in the last Mega Millions drawing, but a $1 million ticket was sold in Delaware County.

UK Brexit secretary threatens to withhold divorce bill UK Brexit secretary threatens to withhold divorce bill The prime minister has shown how wafer thin her confidence in the new DExEU minister is, launching a desperate attempt to take back control - two years late.