Best Online Security- Everywhere you turn, someone is handing out advice about account security and privacy. And while it never hurts to be reminded about all the ways you can protect your critical data, have you stopped to wonder whether any of the various security measures you’re taking are actually effective?
Google did. In 2019, it teamed up with researchers from New York University and the University of California, San Diego to analyse more than 350,000 different account-hijacking attempts and see how well some of its most basic account-security suggestions protected users’ accounts.
As it turns out, even the most basic of techniques is — to put it in Pokémon terms — super-effective!
For example, consider the most basic security setting you can use with your Google account: adding your phone number as a “Recovery phone” so Google can text you if an account sign-in looks suspicious. Do that, and the results of Google’s study covering wide-scale attacks are pretty clear.
“We found that an SMS code sent to a recovery phone number helped block 100% of automated bots, 96% of bulk phishing attacks, and 76% of targeted attacks,” reads Google’s blog post.
Opt-in to an on-device prompt, which requires an attacker to have physical access to your smartphone or tablet to authenticate a login request instead of intercepting your SMS messages or spoofing your SIM, and it’ll be even harder for them to break into your account.
According to the statistics from Google’s study, on-device prompts prevented all attacks from automated bots, 99 per cent of “bulk phishing attacks,” and even more targeted attacks (90 per cent) than if you simply used SMS-based authentication (the aforementioned 76 per cent).