Copy this bookmark:



bookmark detail

Google: Security Keys Neutralized Employee Phishing — Krebs on Security
I’m surprised to see Google doing this so broadly.

> Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity.

It seems like there must be some other ways to login. After all, you cannot use a USB token on a mobile phone. 🧐
july 2018 by thingles
view in context