Google account

from Wikipedia, the free encyclopedia
Globe icon of the infobox
Google account
Website logo
Single sign-on service
languages German , others
operator Google LLC ( more )
Registration Yes
On-line (currently online)
https://myaccount.google.com/

A Google account is a user account that is used for authentication with various online services from the US company Google LLC . Some Google services can be used without a Google account, for example Google Search , Google Maps and YouTube . Other services, such as Gmail and Hangouts , require a user account. The Google account and other data protection tools are developed by the Google Safety Engineering Center (GSEC) in Munich .

Functions

Various account settings can be managed on the Google Account website . For example, the password can be changed, connected apps and websites can be managed and an overview of the devices last used can be viewed. Various data protection settings can also be changed.

In addition, an overview of past account activities with various Google services (e.g. Google search queries or voice commands to a Google Home device ) can be viewed and this information can be deleted individually. Since mid-2019, it has also been possible to have stored data on websites and places visited automatically deleted after 3 or 18 months.

Registration with third party providers

Using the “Google Sign-In” programming interface (API), online services from third-party providers can authenticate their users via a Google account . Google supports the automatic forwarding of security-relevant events to the other provider so that accounts linked in this way can be better protected.

safety

registration

Since the end of 2018, logging in with a Google account has only been possible with activated JavaScript so that a risk assessment can be carried out before logging in.

Two-factor authentication

A Google account supports “two-step verification”, a form of two-factor authentication . Once activated, users must prove their identity through a second method after entering their email address and password when they log on to a new device. One way to do this is to enter a regularly changing six-digit code that can be generated, for example, with the Google Authenticator app. This app works even if the user does not have cellular network coverage. Alternatively, codes can be sent to a mobile device via SMS or phone call. Since mid-2016, new logins can also be approved via the mobile Google app and, since April 2018, on iOS also in the Gmail app.

On October 21, 2014, Google announced the integration of Universal Second Factor (U2F) into its own web browser, Google Chrome , which enabled the use of a physical security code for two-step verification. Users can set the U2F security code as the primary method of two-step verification to be independent of verification codes sent via SMS or generated on their mobile devices. Compared to six-digit codes, the U2F security code offers better protection against phishing and eliminates the need for a mobile device to log in.

Since October 2018, Google has also been offering its own FIDO -compatible titanium security key for purchase, which, together with Google's "extended security program", is intended to protect particularly vulnerable users from attacks. After a security hole was found in the first Bluetooth model of the token in May 2019 , users can get a free replacement with a new, secure version. Alternatively, since April 2019, smartphones with Android 7 or newer can also be used as a FIDO2-compatible security key for logging into a Google account.

State attacks

Since June 2012, Google has been warning users of government attacks. If a user logs in that Google suspects they may have been the victim of government phishing or malware attacks, a warning will be displayed.

Takeout

Google Takeout is an online service from Google that enables Google Account users to export their personal data from many Google services, such as Google Maps, Gmail or Google Drive . The service started on June 26, 2011. All data can be downloaded in various archive formats . The development of the project lies with the "Google Data Liberation Front", which is an independent development team in the Google company. Since May 2018, data can be downloaded from other Google services in order to comply with the right to data portability of the General Data Protection Regulation (GDPR).

criticism

At the end of 2018, Google was criticized because, despite the deactivated location history in the Google account, movement data was still saved via other Google services. To ensure that no location data is saved, the user must deactivate the storage of "web and app activities" in addition to the location history. As a result, Google adapted the wording of the corresponding data protection settings on the account website.

On January 21, 2019, the French data protection authority, Commission Nationale de l'Informatique et des Libertés, imposed the highest fine of 50 million euros on Google for violations of the GDPR. A major point of criticism from the authority is the lack of information about data processing that is difficult to access. In addition, a selection box for personalized advertising is pre -filled when you create a new Google account . Google has appealed the fine.

See also

Web links

Individual evidence

  1. Helmut Martin-Jung: Google is expanding Munich into a global data protection center A global data protection center in Munich. Süddeutsche Zeitung , May 14, 2019, accessed on May 19, 2019 .
  2. Sundar Pichai: A global center for data protection in Munich. Google, May 14, 2019, accessed May 19, 2019 .
  3. Piotr Heller: New functions: Google lets you know what it knows. Spiegel Online , June 30, 2016, accessed May 20, 2019 .
  4. Google enables automatic deletion of web and location data. ZEIT ONLINE, May 2, 2019, accessed on May 19, 2019 .
  5. ↑ Use a Google account to log into other websites or apps. In: Google Account Help. Google, accessed May 20, 2019 .
  6. ^ Adam Dawes: Working together to improve user security. In: Google Developers Blog. Google, February 5, 2019, accessed May 20, 2019 .
  7. ^ Daniel Berger: Google: Login only with JavaScript. heise online, November 1, 2018, accessed on May 19, 2019 .
  8. Confirmation in two steps. Google, accessed May 20, 2010 .
  9. ^ Lori Kaufman, Chris Hoffman: How to Secure Your Google Account with Google Authenticator. How-To Geek, September 11, 2017, accessed May 20, 2019 .
  10. Dennis O'Reilly, Jason Cipriani: How to enable two-factor authentication on popular sites. CNET, June 16, 2015, accessed May 20, 2019 .
  11. New settings for 2-Step Verification. In: Google Apps Updates Blog. Google, June 20, 2016, accessed May 20, 2019 .
  12. ^ Chris Mills: Google just made using two-factor authentication a complete no-brainer. BGR, April 20, 2018, accessed on May 20, 2019 (English).
  13. Nishit Shah: Strengthening 2-Step Verification with Security Key. In: Google Security Blog. Google, October 21, 2014, accessed May 20, 2010 .
  14. ^ Adam Turner: Google security keys may offer extra layer of online protection. In: The Sydney Morning Herald . Fairfax Media , November 5, 2014, accessed May 20, 2019 .
  15. Confirmation in two steps - functions. Google, accessed May 20, 2019 .
  16. ↑ Use security key for two-step verification. In: Google Account Help. Google, accessed May 20, 2019 .
  17. ↑ Use security key for two-step verification. In: Google Account Help. Google, accessed May 20, 2019 .
  18. ^ Russell Brandom: Google's in-house security key is now available to anyone who wants one. The Verge, August 30, 2018, accessed May 20, 2019 .
  19. Advanced security from Google. Google, accessed May 20, 2019 .
  20. Dan Goodin: Google warns Bluetooth Titan security keys can be hijacked by nearby hackers. Ars Technica, May 15, 2019, accessed May 20, 2019 .
  21. News: Your Google Android 7+ Phone Is Now a FIDO2 Security Key. FIDO Alliance, April 10, 2019, accessed on May 20, 2019 .
  22. Google warns users of government attacks. Die Zeit , June 6, 2012, accessed on May 20, 2019 .
  23. Eric Grosse: Security warnings for suspected state-sponsored attacks. In: Google Security Blog. Google, June 5, 2012, accessed May 20, 2019 .
  24. Google to warn users of 'state-sponsored attacks'. CBC , June 6, 2012, accessed May 20, 2019 .
  25. ^ Brian Fitzpatrick: The Data Liberation Front Delivers Google Takeout. In: Data Liberation Blog. Google, June 28, 2011, accessed May 20, 2019 .
  26. William Malcolm: Our preparations for the new European data protection law. Google, May 11, 2018, accessed May 20, 2019 .
  27. Simon Hurtz: Google tracks users even if they explicitly disagree. Süddeutsche Zeitung, August 14, 2018, accessed on May 19, 2019 .
  28. ^ Jason Hahn: Google clarifies its language about Location History settings, but there's still room for improvement. Android Police, August 21, 2018, accessed May 19, 2019 .
  29. Simon Rebiger, Ingo Dachwitz: The GDPR is showing its first teeth: 50 million fine imposed on Google. netzpolitik.org , January 21, 2019, accessed on May 20, 2019 .
  30. Stefan Beiersmann: Google appeals against DSVGO fine. ZDNet, January 25, 2019, accessed on May 19, 2019 .