This is the first in a series of blog posts about my experience with , recently launched to strengthen the security of your Google account. In this post we’ll focus on how it works with iOS devices. Google’s Advanced Protection Program Advanced Protection is primarily intended, as Google suggests, for “journalists, activists, business leaders, and political campaign teams.” I think it’s a great tool for everyone, especially if you’re concerned about the security of your Google account, such as if it’s the recovery email of your bank account, or if you use a regular gmail account for your projects or small business. In short, : if you have an iPhone or iPad and you want to enable Advanced Protection You have to buy security keys, and I recommend you the and/or the ($50–80, read more below on “How do I buy the right security key.”) two Feitian MultiPass DIGIPASS SecureClick On your iPhone/iPad you have to install the app, and use that to log in into your Google account. Google Smart Lock You have to use a regular gmail account — company accounts aren’t yet supported. Before you get started, though, you may also want to know that after enabling Advanced Protection: You’ll be logged out from all devices, so make sure you do so when you have time to log back in. You’ll have to use Gmail (or Inbox) and Google Calendar. Other apps like Apple Mail and Calendar, won’t work anymore. Personally, I was already using the Google apps, but if you aren’t, you may want to give them a try in advance and see if you like them. How does it work? Go to page, click “Get Started,” and follow the steps to register your two security keys, and enable Advanced Protection. Once it’s on, Google will ask you to enter your password and then physically tap a security key every time you log in from a new device or browser. This means you’ll always want to have a security key with you, for example on your key ring. Note that you just need one key to log in. The other one is a backup that you can keep safely at home in case you lose or break the first one. Google’s Advanced Protection Program Why do I need it? You need Advanced Protection to protect you against targeted online attacks, and in particular phishing. You’ll be protected from phishing sites that attempt to steal your login credentials, and from malicious sites that try to get access to your Gmail or Google Drive data. Google Drive On the left, a phishing website pretending to look like Google to steal my login credentials. On the right, a malicious website requesting access to my data. Advanced Protection blocks both attacks. How is this different from two-factor authentication? Advanced Protection is a form of 2FA, in fact the strongest one. Other mechanisms like SMS or time-based codes don’t protect you against sophisticated phishing. What if I lose or break my security key? That’s why you have two. What if someone steals my security key? That’s why you ALSO have a strong password. You can , and replace it with a new one. revoke your lost security key anytime How do I buy the right security key? For iOS, the only security keys I was able to find and test are the Feitian MultiPass, the same recommended by Google, and the DIGIPASS SecureClick, recommended in . this survey Yubikeys don’t work with Advanced Protection on iPhone and iPad(I discovered it only after I bought them already — I should have read more carefully.) In the list below I’m summarizing the main options, with pros and cons of each one. , $25 It works on desktop, Android and iOS devices. It doesn't have a usb-c connector (e.g., for the new Macbook Pro.) Feitian MultiPass Pros: Cons: (my choice, mostly aesthetic), $39 It works on desktop, Android and iOS devices. It doesn’t have a usb-c connector (e.g., for the new Macbook Pro.) DIGIPASS SecureClick Pros: Cons: , $50 It's nicer looking and fits better in a key ring than the Feitian. It doesn't work on iPhone and iPad. It doesn't have a usb-c connector. Yubikey NEO Pros: Cons: , $18 It's the cheapest. It only works on desktop devices, no phones & tablets. FIDO U2F Security Key (Yubico) Pros: Cons: , $50 It has a usb-c connector. It only works on desktop devices, no phones & tablets. Yubikey 4C Pros: Cons: How does it work on iPhone? Below is an example of me adding my Gmail account on my iPhone after I’ve enabled Advanced Protection. To reiterate, you have to log in using Google Smart Lock, and then you have to you the Gmail app (or Inbox) — Apple Mail won’t work anymore. From left to right: launch Smart Lock and add a new account, enter your email address, enter your password, tap on the security key (the very first time you use the security key with your iPhone you’ll be asked to pair it by long pressing for a few seconds.) If you tried Advanced Protection on iOS, I’d like to hear how your experience was. Did you try other security keys? Did you, like me, buy the wrong ones? :) Did you find other apps to be tricky or not working? Feel free to use the comments below or reach out to me on Twitter . @0x0ece P.S: And if you’re interested in security and authentication, you may also want to , a new password manager that I just happened to release. check out MemPa

Amazon

Apple

Google

Twitter

Crypto Taxes for Dummies

MemPa — A Modern Deterministic Password Manager

Join my NFT project: Everdragons2

Nominated for 2022 - HackerNoon Contributor of the Year - Finance

Too Long; Didn't Read

CTA: Download the FREE AI Productivity Shift report

Google's Advanced Protection Program with iPhone and iPad

Google's Advanced Protection Program with iPhone and iPad

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

NFT Taxes for Dummies: Everything You Need to Know to Get Started

10 Ways to Reduce Data Loss and Potential Downtime Of Your Database

10 Threats to an Open API Ecosystem

10 Secure Online Applications in 2021: No More Spy Spps and Hacker Attacks

121 Stories To Learn About Data Protection

NFT Taxes for Dummies: Everything You Need to Know to Get Started

10 Ways to Reduce Data Loss and Potential Downtime Of Your Database

10 Threats to an Open API Ecosystem

10 Secure Online Applications in 2021: No More Spy Spps and Hacker Attacks

121 Stories To Learn About Data Protection

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps