Security
How Google is helping you stay safe and secure with your passwords
Can never be too safe
The internet has played a big part in making people’s lives easier and more convenient–from connecting people through emails and social media, online shopping, banking, entertainment and more.
All users have to do is to create accounts for various programs online, which means using their main email addresses and crafting strong passwords to ensure safety.
Nowadays, creating passwords can still be a hassle, that’s why some people resort to easy-to-remember yet vulnerable passwords or keep the same password across all platforms. These may still pose a threat and lead to security risks which can compromise a person’s privacy, their documents, data, and money online.
This is why Google is developing products that are secure to keep people safer online in a way that’s more convenient for them. In celebration of Cybersecurity Awareness Month, here are all the ways Google is making people’s sign-in safer.
Safe and seamless log-ins with Google’s Password Manager
Every day, Google checks the security of over a billion passwords to protect accounts from being hacked. The tech giant has a Password Manager, which is built directly into Chrome, Android and the Google App.
This uses the latest security technology to keep passwords safe across all the sites and apps. It also makes it easier for people to create and use strong and unique passwords on multiple devices, without the need to remember or repeat each one.
On iOS, people can select Chrome to autofill saved passwords in other apps, too, allowing people to sign-in with just one tap. Chrome is also planning to have iOS adapt the same strong password generation feature, similar to how Autofill with Google works on Android today.
A new feature will also be rolled out in the Google app that allows people to access all of the passwords they’ve saved in Google Password Manager right from the Google app menu.
These enhancements are designed to make your password experience easier and safer across the web, minus the hassle of having to note down or remember different passwords for different accounts like Facebook, Twitter, Instagram, Spotify, Netflix, Canva and more.
Enrolling in Two-Step verification
As attackers still persist in hacking or obtaining illegally what they could, adding a second form of authentication which serves as an extra layer of protection dramatically decreases the chances of getting compromised.
For years, Google has been at the forefront of innovation in two-step verification (2SV), one of the most reliable ways to prevent unauthorized access to accounts and networks.
Two-step verification is strongest when it combines both “something you know”–your password–and “something you have”–like your phone or a security key.
To make 2SV more convenient, a Google prompt will now allow people to simply tap on their mobile devices to prove it’s really them trying to sign in, which guarantees virtually 100% safety provided user’s devices, like their phones, are taken good care of.
Google has also stepped its game when it comes to two-factor authentication, as it has begun automatically configuring people’s accounts into a more secure state.
By the end of 2021, Google plans to auto-enroll an additional 150 million Google accounts in 2SV and require 2 million YouTube creators to turn it on—basically making all Google-related accounts more secure across all its services and products.
At the moment, only Google accounts that have the proper backup mechanisms in place are being auto-enrolled to 2SV. To make sure your account has the right settings in place, take our quick Security Checkup.
Adding security keys into devices
Another innovation Google takes pride in is its security key—a form of authentication that requires people to tap their key during suspicious sign-in attempts.
Say for example, you logged in your GMail into a new device, Google will automatically send a message to your existing device, say a phone, to ask you whether it was you signing in or not.
All you have to do is press either yes or no, or in some cases, Google will ask follow-up questions to make sure nothing gets compromised.
By default, only you can access these prompt-up messages since only you have the control over your phone or your other devices.
Security keys provide the highest degree of sign-in security possible. In fact, Google has partnered with organizations to provide free security keys to over 10,000 people this year who might be vulnerable when it comes to their online security.
Security keys are accessible, as they are built right into Android phones and Google Smart Lock app on Apple devices.
Today, over two billion devices around the world automatically support the strongest, most convenient 2SV technology available.
Towards a safe and secure future
Google recently launched One Tap along with a new family of Identity APIs called Google Identity Services which uses secure tokens, rather than passwords, to sign people into partner websites and apps, like Reddit and Pinterest.
It combines Google’s advanced security with easy sign in to deliver a convenient experience that keeps people safe.
These new services represent the future of authentication and protect against more advanced vulnerabilities like clickjacking, pixel tracking, and other web and app-based threats.
Ultimately, Google wants everyone to have an easy, seamless sign-in experience that includes the best security protections across all of their devices and accounts.
Finding new vulnerabilities is part and parcel of a device’s lifecycle. Cybersecurity firms discover new holes in a device’s security regularly. Thankfully, a firm’s discovery quickly leads to a patch from the affected brand. A newly discovered one, however, is defying common practices. Apple has recently uncovered a hardware vulnerability that’s impossible to patch.
Recently, a team of researchers sprinkled throughout the United States brought the vulnerability to everyone’s attention. The potential exploit is present in Apple’s M-series, a recent lineup of chipsets for newer Macs.
The vulnerability works by exploiting a feature that complements the chipset’s memory called the data memory-dependent prefetcher (or DMP). The DMP can predict where a piece of code is based on previous behavior. It reduces the chipset’s latency, ensuring better performance.
Now, the exploit, which the researchers have named GoFetch, disguises itself as a “pointer,” which tells the DMP which data to fetch. GoFetch can effectively point at data it wants to steal, and the feature will hand the data over willingly.
In more practical terms, malicious parties can hide this exploit inside innocent-seeming apps. Though the exploit still needs a significant amount of time to work, it’s not impossible to trick users into having an illicit app open for an extended length of time.
The other catch is how impossible it is to patch. Because the exploit is a hardware-based vulnerability, Apple cannot patch it out without re-engineering the silicon. There are software-based patches; however, doing so will reportedly compromise the performance of the chipset. The team is still researching for the effects of other software patches.
At this point, the only way to protect against the vulnerability is the same piece of advice for all hacks: Be careful of what you install.
SEE ALSO: Apple M3 MacBook Air Review
According to Google, Filipino netizens had a higher interest in cybersecurity last year.
The Philippines ranked among the top in the world in keyword searches for the following terms:
- malinformation
- cybercrime
- phishing
- malware
- fraud
- scam
- one-time password
- password strength
The word “fraud” particularly reached a 13-year high in search volume. Meanwhile, searches for “scam” increased by 40% from 2022.
These keyword search trends are a reflection of the Filipino netizen’s better interest in internet safety practices.
To help more Filipinos maintain safe browsing online, here are eight tips from Google.
Install the latest OS, updates
Turn on auto-updates on your device and web browser. Don’t ignore warnings or notifications. It’s also crucial to run the latest updates for security enhancements and protection against new threats.
For Android device users, Google Play Protect should be automatically turned on to provide protection against malicious apps and more.
Use password manager
Google’s Password Manager is a free, built-in tool to help users create, store, and manage secure passwords for all accounts.
Aside from the convenience it gives, the service also analyzes saves passwords for weaknesses or if they’ve been exposed for breaches.
Secure accounts with passkeys
Speaking of passwords, Passkeys like fingerprints or face IDs provide an extra layer.
They can keep your accounts safe against phishing since they are stored on your device.
Run regular security checkups
Google Security Checkup is a simple tool within one’s Google Account that reviews and improves their online security.
This helps users identify and fix potential vulnerablities across digital properties from connected devices and third party apps.
Review your data settings
Run a deeper checkup to see whether your apps and accounts are above-board.
Make sure you’re not sharing any data, especially sensitive information. Look through each app and site as well to see if you agree with their terms and conditions, and settings.
Avoid suspicious links
Take a moment before clicking any online or SMS links. These are usually links that can steal your sensitive information.
If a link does not look legitimate, report them immediately and block the source.
Don’t give in to pressure
Scams and frauds, whether online, over the phone, or in person, rely on pressuring someone or getting them nervous and careless.
When you are rushed to make a decision and it feels unusual, take a moment to stop, think, and assess the situation. If you’re not allowed to pause, something is not right.
Check the facts
Before posting or sharing, verify information first. See if the information is from a trusted source. Using Google Search, check the way it is written or said, who shared it, and other details.
Over the years, Chrome’s Incognito Mode accumulated quite the reputation. For most users, the alternative browsing mode was a quick way to browse dubious websites away from prying eyes. However, the mode isn’t as incognito as the name implies, as evidenced by a lawsuit from years ago. Now, Google has caved in and admitted the shortcomings of Incognito Mode.
Back in 2020, Google faced a lawsuit against the purported security of Chrome’s Incognito Mode. The lawsuit alleges that the private mode still lets websites track a user’s data.
At the time, Google themselves confirmed that websites can do that. Now, almost four years after the lawsuit, the company has agreed to settle the US$ 5 billion lawsuit.
Now, Chrome is adding a new disclaimer (spotted via MSPowerUser) to hopefully keep users from expecting complete privacy while using Incognito Mode. Besides alerting users that the device still saves downloads and bookmarks, the disclaimer that shows up whenever Incognito Mode is opened now also reads: “This won’t change how data is collected by websites you visit and the services they use, including Google.”
Unfortunately, the disclaimer isn’t meant to change how websites process your data. It’s just a way to reduce Google’s liability whenever someone complains about the security of their data.
Now, if you’re looking for a more secure way to browse the internet, other methods will serve your purposes more. For example, VPNs and Tor offer more anonymity online. Some browsers — Brave, for instance — offer those services built into the software already.
SEE ALSO: Google sued for tracking Chrome users in Incognito Mode
realme 12 5G review: It was enchanting to meet you
Just when we thought the Midnights’ era was over and the clock’s hands are now pointing to the tortured poets,...
Stellar Blade review: Strenuous but Stylish
Alluring beyond visuals
Challengers review: A thrilling drama wrapped as a tennis anime
Catch it in Ayala Cinemas starting April 24th
realme 12 5G Philippine price, availability
realme 12 5G review: It was enchanting to meet you
ZTE nubia Neo 2 5G now in the Philippines: Pricing, details
DUO more with the ASUS Zenbook DUO 2024
HONOR Magic6 Pro coming to the Philippines
-
Events2 weeks agoStellar Blade: PlayStation taps cosplayers to play Eve for game’s launch
-
Features1 week agoFortify your home office or business setup with these devices
-
Accessories2 weeks agoLogitech unveils G Pro X 60 gaming keyboard: Price, details
-
Reviews1 week agorealme 12+ 5G review: One month later
-
Deals2 weeks agoTCL P635 TV: Big savings for TCL’s anniversary
-
Gaming1 week agoNew PUMA collection lets you wear PlayStation’s iconic symbols
-
Accessories1 week agoMarshall Major V: Reasons Why I Love It
-
Gaming1 week agoMore PlayStation 5 Pro specs have been leaked