Google has unveiled a new locked-down version of Gmail that trades convenience for a lot more security.
The company's Gmail Advanced Protection Program is aimed at journalists, business leaders, political campaign teams, and basically any person who is at risk of being targeted online by a persistent attacker.
Gmail accounts enrolled in the program are configured with additional protections against targeted phishing, attacks that abuse third-party app access to Gmail and Google Drive, and account recovery attacks.
“Advanced Protection provides Google’s strongest security, designed for those who are at an elevated risk of attack and are willing to trade off a bit of convenience for more protection of their personal Google Accounts,” Google’s Advanced Protection program manager Dario Salice said.
The higher security comes at the expense of easy sign-in methods such as using Google’s mobile app for a one-click approval from an iPhone to sign into a Gmail on a desktop. Arguably the most important feature of the program is enforced two-factor authentication that requires the user has possession of a USB key when attempting to sign in.
Once enrolled, the only way users can sign in into their account will be to use physical Security Keys such as Yubico’s FIDO Alliance ‘Universal 2nd Factor’ USB key, which cost around $20.
There are also Security Keys that work with Bluetooth Low Energy for wireless sign in on mobile devices. Unfortunately, the link Google provides to the Feitian MultiPass FIDO Security Key that offers NFC and Bluetooth compatibility is out of stock on Amazon.
Security Key sign-in offers a higher level of security than one-time codes or other software-based sign in methods because an attacker needs to have possession of the key to sign-in.
The physical key also allows the user to cryptographically prove to Google that it’s really them, and proves to the user that the site they’re logging into is actually a Google page rather than a fake page for capturing Google user credentials.
The new service arrives in the wake of the email breach of Hillary Clinton’s 2016 election campaign manager, John Podesta, whose credentials were exposed in a phishing attack that targeted his Gmail password. His emails and Apple ID credentials were subsequently published by WikiLeaks, potentially swaying the 2016 Presidential election in favor of Donald Trump.
Enrolling in Advanced Protection will also mean that only Google apps can access data from Gmail through the OAuth protocol, which is used by Google, Twitter, and Facebook as a means for users to grant a third-party app access to their account on these platforms.
Google in May shut down an attack on Gmail users that abused OAuth to trick users into granting a rogue app access to their Gmail account data, which in turn allowed the attacker to spam each victim’s contacts. In response, Google introduced a more stringent verification process for developers that want to use OAuth.
“Advanced Protection prevents this by automatically limiting full access to your Gmail and Drive to specific apps. For now, these will only be Google apps, but we expect to expand these in the future,” wrote Salice.
Currently, users that opt-in to Advanced Protection will not be able to use Apple’s Mail, Contacts, and Calendar apps since they don’t support Security Keys. iPhone users will need to install the Gmail app, Inbox, or Google’s iOS calendar apps
The new service also tightens up the account recovery and password reset procedure, which has been abused by attackers hijack an account by pretending they are the person locked out of an account.