Update: I'm working on an open source security key called Solo, check it out!
This is the first in a series of blog posts about my experience with Google’s Advanced Protection Program, recently launched to strengthen the security of your Google account. In this post we’ll focus on how it works with iOS devices.
Advanced Protection is primarily intended, as Google suggests, for “journalists, activists, business leaders, and political campaign teams.” I think it’s a great tool for everyone, especially if you’re concerned about the security of your Google account, such as if it’s the recovery email of your bank account, or if you use a regular gmail account for your projects or small business.
In short, if you have an iPhone or iPad and you want to enable Advanced Protection:
- You have to buy two security keys, and I recommend you the DIGIPASS SecureClick and/or the Feitian MultiPass ($50–80, read more below on “How do I buy the right security key.”)
- On your iPhone/iPad you have to install the Google Smart Lock app, and use that to log in into your Google account.
- You have to use a regular gmail account — company accounts aren’t yet supported.
Before you get started, though, you may also want to know that after enabling Advanced Protection:
- You’ll be logged out from all devices, so make sure you do so when you have time to log back in.
- You’ll have to use Gmail (or Inbox) and Google Calendar. Other apps like Apple Mail and Calendar, won’t work anymore. Personally, I was already using the Google apps, but if you aren’t, you may want to give them a try in advance and see if you like them.
How does it work?
Go to Google’s Advanced Protection Program page, click “Get Started,” and follow the steps to register your two security keys, and enable Advanced Protection. Once it’s on, Google will ask you to enter your password and then physically tap a security key every time you log in from a new device or browser. This means you’ll always want to have a security key with you, for example on your key ring. Note that you just need one key to log in. The other one is a backup that…