Google: Users are Still Tech’s Largest Security Flaw
Members of Google’s security team believe that the company’s biggest security challenges still revolve around users themselves.
That’s according to statements made by two of Google’s security experts and documented by CNET at Google I/O this past week. Eran Feigenbaum, the director of security for Google Apps, believes that users can help Google protect their accounts by enabling two-step authentication for their accounts.
“You should turn on two-step verification, make sure [the browser] is up to date, and make sure your password recovery options are set.”
Two-step authentication requires users to add a smartphone number and an additional email account as a way for the company to verify that it’s really them trying to access their account instead of a user who might have malicious intent. Google is able to do this by using these accounts to send a one-time verification code when someone attempts to log into an account that hasn’t yet been used by that account on Google’s services.
Google’s head of Chrome security, Parisa Tabriz, also offered some words of wisdom to those using the company’s Chrome web browser, saying, “In Chrome you can set up multiple profiles and go incognito” to protect their identities and information.
Using Chrome’s incognito mode allows users to effectively cover their tracks when browsing websites by not allowing cookies, small bits of information websites leave on a user’s computer, to remain on the computer after the mode is closed. Additionally, information or cookies that were created outside of incognito mode are inaccessible to when incognito mode is turned on.
In addition to highlighting security features that are already available, Feigenbaum says that the company is also working on other approaches that could include hardware that would identify users. These hardware features could include an Android device that use biometrics to authenticate the users identify like finger print readers. In fact, future versions of Apple’s iOS devices are rumored to include a fingerprint scanner as a way to deter theft and keep iPhone user’s data private.
Tabris and Feigenbaum also discussed the increasingly large issue of basing systems around passwords, with Feigenbaum noting that security conscious users have to create evermore complicated passwords. Because of this, many make use of password managers that store the user’s credentials on that device’s memory, making those accounts vulnerable should that device be compromised.
As smartphones become more ingrained in user’s daily lives, coming up with new ways to protect them is where users may see the next wave of innovations in smartphones. Chatter about enhanced smartphone security has recently picked up ahead of Apple’s expected iPhone 5S launch.