Wonderful Engineering

Google Protect Its Employees From Getting Hacked By Using Physical Keys

Phishing attacks are one of the most dangerous kinds of cyber attacks. In these attacks, the hacker tricks people to give them their password and can access their account(s). Google has found an extremely robust solution to this problem to protect their employees. According to a Google spokesperson, they have adopted the physical security keys to stop the attack in their tracks. These security keys are small USB stick devices which are made by YubiKey.

These security keys function similar to the two-factor authentication (2FA) method which you should already be using by now. With 2FA enabled, you will need more than your username and password for access. A second factor, which is often a secret number is sent to a trusted telephone number by SMS or a key which is generated by an authentication app like Google Authenticator.

These methods can help, but they also have their downsides. SMS messages can be compromised by hackers. Authenticator apps are secure, but they are also a hassle. Physical keys can solve both of these problems at once. There are no transmitted codes involved, no phone apps which can be corrupted, and no numbers required to punch in while logging in. All you need to do is to put the Security Key into the device and press a button. Google’s promising results can help these keys gain popularity and can be adopted by more people all over the world.

Yubikey’s Security Keys operate on an open-source standard called Universal 2nd Factor (U2F). It is already supported by various companies and products like Google, Dropbox, Facebook as well as by browsers like Google Chrome, Firefox, and Opera. Security Keys will remain a tool for organizations or individuals who are worried about security. It is being hoped that the practice can spread widely since while the internet has changed various things, it still looks like that a physical key is still the best bet to keep your safe.