Many Google services are used by tens and hundreds of millions of people. This is also true for Gmail, an email service that almost all of its users find very convenient. But, unfortunately, the security of Gmail accounts leaves much to be desired. Of course, in most cases, the users themselves are to blame for hacking accounts. It’s rare that someone exposes a complex (really complex) password that contains uppercase and lowercase letters, symbols, and everything else that is needed to create a strong password.
An ordinary person’s account will protect such a password with a high degree of probability. But what if we are talking about a user’s mail account that is of particular interest to crackers? This may be a politician, a star of show business, an employee of a corporation developing a new technology, a banker. There are many examples. And despite the two-factor authentication (which many have heard of, but still do not use), accounts are sometimes hacked. Now Gmail has introduced new features for those users who need special protection.
Non-Gmail chooses such users, anyone can use the new service. To do this, activate what the company calls Advanced Protection. This is a whole set of functions that greatly complicates the task of the cracker. The main advantage of such a system is the need to have a physical token for authorization. That is, two-factor authorization remains, but at the second stage there are no messages or SMS - it is the token, the physical device that is used. It can also be stolen, of course, but the likelihood of this is already much lower than the "withdrawal" of SMS or the use of any other hacking methods.
Thus, Gmail is currently one of the most secure email services in the world. “This is what needed to be done to give ordinary people the level of mail protection that is usually only accessible to famous people,” said Kenneth White, network security consultant. “For those people who really need such protection, this is a great option.”
It is clear that no one will send the physical key for free. You need to buy it. This kind of device from Google costs $ 43. There is a less expensive offer. The keys themselves are now available in two types - either a USB device or a wireless device. Both work with digital signatures and cryptography. In the case of two-step authentication, instead of entering the codes, the user only needs to click on the device button. This, according to Gmail, avoids the danger of sending keys to cybercriminals.
In some cases, they create phishing sites whose design is very similar to Gmail. At a certain point, a phishing site requires a password that is used for two-step authentication. If you enter it manually, then the cybercriminal gains access to the user account on this email service. But the keys are designed so that they only work with the sites / services for which they are intended.
In general, mail protection, if really important data is stored there, is not something to save on. According to the representatives of Gmail, even if the user in one way or another receives the password of the user whose account is protected with the key, the cybercriminal will not be able to crack the account. Without a key, his actions will be blocked.
In addition, if advanced protection is enabled, then only Google applications will be able to access the user's account. This is probably the response to the crackers in May. A team of cybercriminals has created an application acting “on behalf of” Google Docs. And hundreds of thousands of people have allowed this application access to their account. Accordingly, accounts were open to attackers.
And the last advantage of those who include a new feature. If it is activated, a key will also be needed to reset or reset the password. If it is not, resetting / changing the password becomes extremely difficult. Of course, there is no guarantee that someone will not find a way to cheat and advanced protection. However, to work around new methods, you need to be a very advanced cracker.