Security

How Google is helping you stay safe and secure with your passwords

Can never be too safe

Published

on

Google Security

The internet has played a big part in making people’s lives easier and more convenient–from connecting people through emails and social media, online shopping, banking, entertainment and more.

All users have to do is to create accounts for various programs online, which means using their main email addresses and crafting strong passwords to ensure safety.

Nowadays, creating passwords can still be a hassle, that’s why some people resort to easy-to-remember yet vulnerable passwords or keep the same password across all platforms. These may still pose a threat and lead to security risks which can compromise a person’s privacy, their documents, data, and money online.

This is why Google is developing products that are secure to keep people safer online in a way that’s more convenient for them. In celebration of Cybersecurity Awareness Month, here are all the ways Google is making people’s sign-in safer.

Safe and seamless log-ins with Google’s Password Manager

Every day, Google checks the security of over a billion passwords to protect accounts from being hacked. The tech giant has a Password Manager, which is built directly into Chrome, Android and the Google App.

This uses the latest security technology to keep passwords safe across all the sites and apps. It also makes it easier for people to create and use strong and unique passwords on multiple devices, without the need to remember or repeat each one.

On iOS, people can select Chrome to autofill saved passwords in other apps, too, allowing people to sign-in with just one tap. Chrome is also planning to have iOS adapt the same strong password generation feature, similar to how Autofill with Google works on Android today.

A new feature will also be rolled out in the Google app that allows people to access all of the passwords they’ve saved in Google Password Manager right from the Google app menu.

These enhancements are designed to make your password experience easier and safer across the web, minus the hassle of having to note down or remember different passwords for different accounts like Facebook, Twitter, Instagram, Spotify, Netflix, Canva and more.

Enrolling in Two-Step verification 

As attackers still persist in hacking or obtaining illegally what they could, adding a second form of authentication which serves as an extra layer of protection dramatically decreases the chances of getting compromised.

For years, Google has been at the forefront of innovation in two-step verification (2SV), one of the most reliable ways to prevent unauthorized access to accounts and networks.

Two-step verification is strongest when it combines both “something you know”–your password–and “something you have”–like your phone or a security key.

To make 2SV more convenient, a Google prompt will now allow people to simply tap on their mobile devices to prove it’s really them trying to sign in, which guarantees virtually 100% safety provided user’s devices, like their phones, are taken good care of.

Google has also stepped its game when it comes to two-factor authentication, as it has begun automatically configuring people’s accounts into a more secure state.

By the end of 2021, Google plans to auto-enroll an additional 150 million Google accounts in 2SV and require 2 million YouTube creators to turn it on—basically making all Google-related accounts more secure across all its services and products.

At the moment, only Google accounts that have the proper backup mechanisms in place are being auto-enrolled to 2SV. To make sure your account has the right settings in place, take our quick Security Checkup.

Adding security keys into devices

Another innovation Google takes pride in is its security key—a form of authentication that requires people to tap their key during suspicious sign-in attempts.

Say for example, you logged in your GMail into a new device, Google will automatically send a message to your existing device, say a phone, to ask you whether it was you signing in or not.

All you have to do is press either yes or no, or in some cases, Google will ask follow-up questions to make sure nothing gets compromised.

By default, only you can access these prompt-up messages since only you have the control over your phone or your other devices.

Security keys provide the highest degree of sign-in security possible. In fact, Google has partnered with organizations to provide free security keys to over 10,000 people this year who might be vulnerable when it comes to their online security.

Security keys are accessible, as they are built right into Android phones and Google Smart Lock app on Apple devices.

Today, over two billion devices around the world automatically support the strongest, most convenient 2SV technology available.

Towards a safe and secure future

Google recently launched One Tap along with a new family of Identity APIs called Google Identity Services which uses secure tokens, rather than passwords, to sign people into partner websites and apps, like Reddit and Pinterest.

It combines Google’s advanced security with easy sign in to deliver a convenient experience that keeps people safe.

These new services represent the future of authentication and protect against more advanced vulnerabilities like clickjacking, pixel tracking, and other web and app-based threats.

Ultimately, Google wants everyone to have an easy, seamless sign-in experience that includes the best security protections across all of their devices and accounts.

News

A new iMessage feature alerts you of any government spies

Anyone can use it

Published

on

Do you have an irrational fear of government hackers spying on your text messages? If you do, Apple has a new feature to help alleviate your phobia. Starting today, users can opt into the new iMessage Contact Key Verification feature, a security measure designed to prevent any unwanted snooping on your messages.

If it sounds too specific, it’s because Apple designed the feature for those who face “extraordinary digital threats,” like journalists and politicians. Naturally, this subset of the population can benefit from keeping their conversations away from snoopers (which includes, according to Apple, state-sponsored attackers). However, there’s no denying that the feature is also a boon to users who want an extra layer of protection for their messaging needs.

To use the feature, both the sender and the receiver need to have the option turned on while using their device. On a more basic level, the device will alert both users if an unexpected party suddenly crashes and enters the encrypted conversation. A more advanced level even allows iMessage users to compare verification codes, ensuring that both parties are indeed talking to whomever they intend to talk to.

While most users might not find a lot of use for an exorbitant amount of protection against hackers, it’s a step in the right direction for total message encryption. Despite some significant hiccups, Apple remains focused on bringing encryption to its users.

SEE ALSO: Apple is tracking users even with settings turned off

Continue Reading

Apps

Over 5.4 million Twitter accounts have just been exposed

Beware of any fishy emails

Published

on

According to new owner Elon Musk, Twitter is enjoying record-breaking numbers as of late. If the billionaire’s claim is true, it’s time to beef up your Twitter account’s security. A leak stemming from earlier this year has exposed and exploited over 5 million accounts.

Back in July, the platform confirmed the leak but claimed that none were exploited. An API vulnerability reportedly caused the leak. Now, according to BleepingComputer, Twitter isn’t out of the woods yet.

Though the vulnerability has already been patched, the 5.4 million users affected by the leak have just had their private information leaked on a hacker forum. These details include both phone numbers and email addresses — information that isn’t usually readily available on the platform. The list of affected users even include celebrities and companies.

Thankfully, the leak doesn’t give outright access to an affected user’s account. However, it gives malicious parties some information to work with. Needless to say, if you receive any suspicious emails, take a gander before clicking any links, especially those that ask for your password or any other sensitive information. Also, it might be a good idea to beef up your security with two-factor authentication, just in case.

That said, 5.4 million users is just a drop in the bucket for a massive platform like Twitter. Though it’s not impossible, it’s more likely that your individual account is safe from any of the current chaos. Still, keep your accounts safe.

SEE ALSO: Twitter is working on encrypted DMs and video calling

Continue Reading

News

Apple is tracking users even with settings turned off

Now faces a lawsuit

Published

on

In the tempestuous arena between iOS and Android, the order of the day is security. Both Apple and several companies who run Android tout how secure their systems are. However, despite the promises made, data continues to be a tradeable commodity in today’s ecosystem. Apple, caught in such a scandal, is now being sued for tracking its users, despite user settings.

Today, the App Store and the Play Store keep their software transparent, revealing how every app tracks and transmits data. Unfortunately, the safety umbrella might not extend to apps that belong to Apple. Two engineers, Tommy Mysk and Talal Haj Bakry, spotted that Apple tracks everything its users do inside Apple’s own apps (via Gizmodo).

For example, the App Store can detect your device, your keyboard, your screen resolution. Further, while Health and Wallet are still safe apps, other apps, such as Apple Music and Apple TV, are heavily involved in tracking user data.

What’s worse, the tracking does not stop even if a user opts out from tracking altogether. The two engineers caught the same thing happening on a standard and on a jailbroken iOS 16 device.

Due to the recent findings, the company is now facing a lawsuit in California for falsely claiming the control its users have over privacy. Besides the marketing realm, privacy is also a concern for lawmakers who implement the same stringent privacy regulations against apps sending data to other nations such as TikTok.

SEE ALSO: Apple is reportedly changing “Hey, Siri”

Continue Reading

Trending