Google 'Advanced Protection Program' Is To Keep People Safe By Trading Off Conveniences

Google provides various of security features to keep users' account safe, including login alerts and two-factor authentication.

But those who think that those aren't enough, worried about someone gaining access to their account data, or just plain paranoid, Google has program that is called the Advanced Protection Program. This feature adds a set of stronger protections to users' accounts.

There is a setting which will make things harder for hackers to break into sensitive data on Gmail, Google Drive, YouTube or any other Google properties. It's an opt-in feature.

The ultra-secure mode was first intended for truly high-risk users such as journalists, politicians, high-profile figures, those who face the threat of state-sponsored and those with high net worth, for example.

Google cited that journalists protecting sources and political organizers as two groups who might want Advanced Protection Program. It rolls out in the wake of a series of sophisticated hacking campaigns that have targeted Gmail and focused on the accounts of influential people.

Most public of those was the Kremlin-backed intrusion that hit the Gmail account of Hillary Clinton campaign manager John Podesta and led to WikiLeaks leaking out his emails for weeks, with political reverberations.

But then Google rolled it out to all Google users.

"There is an overlooked minority of our users that are at particularly high risk of targeted online attacks," said Google' security team on a blog post. "For example, these might be campaign staffers preparing for an upcoming election, journalists who need to protect the confidentiality of their sources, or people in abusive relationships seeking safety."

At launch, Advanced Protection Program adds three new features to keep that data safe.

Firstly, it requires a U2F (Universal Second Factor) security key to sign into your account. These hardware authenticators (USB key or a a Bluetooth dongle) use public key cryptography to keep unwanted people from logging into your account. The U2F key performs its own authentication step with Google's site to check it's legit, and only then supplies a key that logs the user in with no need to type a code.

Google will also limit which apps can access your account data.

Scanners will use a more intensive process to quarantine and analyze incoming documents.

Initially, Google just limits this feature for Google's own app, but aims to add other trusted apps after seeing how the feature performed.

Then for account recovery process, Google also adds more security later with its Advanced Protection Program. If you forget your username or password, or lose your hardware login keys, there will be additional steps and reviews before account access is granted.

The Advanced Protection Program represents a significant step up from the digital two-factor authentication that has become the standard in Silicon Valley.

Requiring a U2F token instead of codes makes impersonating a user far more difficult. Unlike one-time codes, the tokens can't be intercepted on the carrier network, or obtained by hacking. What's more, hardware-enabled login isn't vulnerable to phishing attacks.

Google has supported those U2F keys for years. But Advanced Protection uses a stricter implementation than Google has offered in the past: Only physical keys along with a password will unlock your account. If you lose them, you won't be able to use a printed out backup code you have saved on your phone or wallet, for example.

Instead, you'll have to go through an account recovery process that Google says will be far more stringent and labor-intensive.

On free services on the web, including Google that provides various of free-to-use products, the tradeoff for this convenience is security. Thriving on user data, Google's business is all about advertising.

But with Google adding a set of features specifically targeted at those who are paranoid for free, is because using Advanced Protection Program isn't convenient.

Google said that the Advanced Protection Program will evolve as security does. So, joining the program means that you will always have the strongest protections Google can provide.