Yubico Partners with Google’s Advanced Protection Program

Yubico Team

Yubico Team

2 minute read

Today, Google formally announced their Advanced Protection Program designed to safeguard the personal Google Accounts of those most at risk of targeted online attacks, including journalists, business leaders, and political campaign teams. Yubico has partnered with Google on this initiative as part of our ongoing commitment to working with people at risk including human rights organizations, such as Freedom of the Press, EFF, and The ISC Project, as well as journalists at the NY Times and other news publications.

Modern phishing and man-in-the-middle (MiTM) attacks are creating new threats for users and Google’s Advanced protection Program is an important initiative to protect those most at risk. An extensive Google research study, found that traditional 2-step verification and other authentication methods such as codes sent via SMS, one-time password tokens, and mobile apps are now phishable and susceptible to these attacks.

Google Protection Program with YubiKey user experience
Personal Google Account Advanced Protection Program Login Flow

This is why Yubico and Google co-created the FIDO Universal 2nd Factor (U2F) standard, and why Yubico created the unphishable Security Key, supported by Google since 2014. Both the FIDO U2F standard and the Security Key form the foundation for Google’s new Advanced Protection Program.

Google’s Advanced Protection Program extends the benefits of using YubiKey security keys with important security enhancements.

  • The strongest defense against phishing – Advanced Protection makes it a requirement to use both a password with a physical security key when signing in. Other authentication methods that can be more easily phished by attackers, including codes sent via SMS or the Google Authenticator app, are not permitted and will no longer work.
  • Limit data access to trusted apps – Advanced Protection automatically prevents non Google apps from accessing your most sensitive data, like your emails or documents.
  • Block fraudulent account access – Advanced Protection adds extra steps to verify your identity during the account recovery process to safeguard against fraudulent account access.

In partnership with Google, Yubico is proud and honored to announce our participation and support of those signing up for Google’s Advanced Protection Program. 

You can read more about how to sign up to the program at Google’s Advanced Protection Program information page.

,
Talk to our teamTalk to our team

Share this article:
  • Ditching passwords for good: Celebrating the inaugural World Passkey DayHave you ever been stuck in a relationship with someone who constantly lets you down, exposes your secrets, and leaves you vulnerable? Odds are you cut your losses, packed up your things and moved on. Today is the day to do the same with your passwords: say goodbye forever! The reality is a majority of […]Read morepasskeyspasswordlessWorld Passkey Day
  • Digital security’s unique role in protecting our environmentAs sustainability expands to include social, economic, and technological challenges, cybersecurity has emerged as a top global threat – with cybercrime projected to cost $12 trillion this year. Stolen credentials and phishing account for 80% of breaches. At Yubico, making the world more secure is just part of how we care for the world around […]Read moreCSREarth DaySecure It ForwardSustainability
  • Breaking down Australia’s plan to combat AI-driven phishing scamsAcross Australia, cybercrime continues to be a major challenge impacting businesses, critical infrastructure and consumers alike. The use of AI by bad actors across the spectrum of cybercrime is on the rise, and as a result, credential phishing scams are becoming increasingly sophisticated. AI is effectively helping to lower the cost of phishing and increase […]Read moreAIAPACAustraliaphishing
  • 5 fast cybersecurity tips to clean up your digital lifeWith today being Identity Management Day, now is the perfect time to take stock of your online presence, update security settings, and ensure that your personal data remains protected from cyber threats like phishing. We’re also seeing increasing concerns of DeepSeek and other AI tools around data privacy making these kinds of attacks more successful […]Read morebest practices