Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Disclosure: I'm an engineer with the Advanced Protection Program.

Thanks for your work securing campaigns! I forwarded your post to my team because a major goal of ours is to be useful for this purpose.

Advanced Protection has improved a lot since early days. For example it works with Apple's native Mail, Contacts and Calendar apps on iOS.

Advanced Protection doesn't require any specific model of security key. The blue YubiKeys work just fine and even Touch ID is supported (as a U2F key).

Multiple backup keys are supported. And the same key can be used on multiple accounts.

Breaking or losing a key doesn't cause an immediate lockout. A key is required at first sign in on a new device or browser session but not thereafter. I don't even carry a key most of the time.

I'm sure there's more we could do to build great account security for campaigns. Please keep the feedback coming!



I'm glad to hear about all these improvements. I hope you will consider field-testing this with a real campaign, understanding that the biggest adversary APP faces by far in this domain is Google Legal.


>Advanced Protection doesn't require any specific model of security key. The blue YubiKeys work just fine and even Touch ID is supported (as a U2F key).

But it still requires one Wireless key -- why is this? I can't activate it only with my Yubikey NEO and blue Yubikey registered.


Odd, NEO is a NFC key, and I've seen this exact setup working multiple times.


Thanks -- My mistake, it looks like even though my keys were registered already as 2FA keys, I had to re-register them and it does indeed work.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: