Google Workspace is hitting back against the most prolific methods of account takeover with these super simple changes

News
By published

Google is making Workspace even more secure

Mountain View, CA, USA - May 1, 2022: Google sign is seen at Googleplex, the corporate headquarters complex of Google and its parent company, Alphabet, Inc., in Mountain View, California.
(Image credit: Shutterstock)
  • Google is making changes to its Workspace account security
  • Passkey support has been rolled out to reduce phishing effectiveness
  • DBSC and SSF will mitigate cookie token theft and improve security tool communication

Google Workspace is upping its defenses against account takeover following a year-on-year in successful attacks.

The company says 37% of account takeovers use phishing or credential theft as an attack vector, and there was an 84% increase in email-delivered infostealers in 2024 over the previous year, with the most common method being cookie and authentication token theft.

To mitigate this, Google is making three changes to Workspace productivity suite to reduce the risk of account takeover and better protect organizations from attacks.

Seamless account security

Firstly, Google has rolled out passkey support to over 11 million Google Workspace accounts, making them more phishing resistant than ever and making it easier for customers to log in.

Google has also expanded Admin access to passkey tools allowing them to audit passkey enrollment and restrict passkeys to certain formats such as physical security keys.

Secondly, Google Workspace now offers Device Bound Session Credentials (DBSC) in open beta. DBSCs are a hardware backed security mechanism that uses a cryptographic key paired to the user’s device.

Each time session cookies are refreshed, Google Chrome verifies it is definitely the user in control of the account by verifying the private key kept in secure storage on the user's device. This significantly mitigates the potential for stolen cookies to be used to hijack sessions and takeover accounts, which is fast becoming one of the most successful methods for account takeover.

Finally, Google will soon be introducing a shared signals framework (SSF) receiver in closed beta. This will allow platforms to communicate in near real-time about new security signals, such as increased risk for a particular account. Additionally, SSF will also allow organizations to share key user information such as device types between security solutions.

Overall, Google’s steps to increase Workspace account security will help create a seamless login experience for users while also adding an extra layer of security against phishing, as well as cookie and authentication token theft.

Moreover, the additional controls for admins and the soon-to-come inclusion of SSF will make it easier for security teams to evaluate and improve the overall security posture of their organization.

You might also like

Benedict Collins
Benedict Collins
Senior Writer, Security

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.