Google Says USB-Based Security Keys Keep Employees from Phishing Attacks

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity. A Google spokesperson said Security Keys now form the basis of all account access at Google.