- The strongest defense against phishing: Advanced Protection requires the use of Security Keys to sign into your account. Security Keys are small USB or wireless devices and have long been considered the most secure version of 2-Step Verification, and the best protection against phishing. An attacker who doesn’t have your Security Key is automatically blocked, even if they have your password.
- Protecting your most sensitive data from accidental sharing: Sometimes people inadvertently grant malicious applications access to their Google data. Advanced Protection prevents this by automatically limiting full access to your Gmail and Drive to specific apps. For now, these will only be Google apps, but we expect to expand these in the future.
- Blocking fraudulent account access: Another common way hackers try to access your account is by impersonating you and pretending they have been locked out. With APP, extra steps will be put in place to prevent this.

Anyone with a personal Google Account can enroll in Advanced Protection. It’s compatible with Android and iOS, but you’ll need Chrome to sign up for Advanced Protection because it supports the U2F standard for Security Keys. We expect other browsers to incorporate this soon.
For now, Advanced Protection is only available for consumer Google Accounts. To provide comparable protections on G Suite Accounts, G Suite admins can look into
Security Key Enforcement and
OAuth apps whitelisting.
Sign up for Advanced Protection at
g.co/advancedprotection.
Posted by Stephan Micklitz, Director of Engineering