Tag Archives: Safety & Security

“Be Internet Awesome”: Helping kids make smart decisions online

As a parent, I’m constantly talking with my two daughters about how they use the Internet. The way they use it to explore, create and learn inspires me to do my best work at Google, where I lead a team making products that help families and kids have positive experiences online. But for kids to really make the most of the web, we need more than just helpful products: We need to provide guidance as they learn to make their own smart decisions online.

This is one of the most significant issues that we all face as a new generation grows up with the Internet at their fingertips. It’s critical that the most influential people in our kids’ lives—parents and teachers, especially—help kids learn how to be smart, positive and kind online, just like we teach them to be offline. It's something we all need to reinforce together.

With school out and summer break giving kids more time to spend on the Internet, it’s a great time to introduce Be Internet Awesome: a new way to encourage digital safety and citizenship.

Developed in collaboration with online safety experts like the Family Online Safety Institute, the Internet Keep Safe Coalition and ConnectSafely, Be Internet Awesome focuses on five key lessons to help kids navigate the online world with confidence:

  • Be Internet Smart: Share with care
  • Be Internet Alert: Don’t fall for fake
  • Be Internet Strong: Secure your secrets
  • Be Internet Kind: It's cool to be kind
  • Be Internet Brave: When in doubt, talk it out

The program includes a range of specific resources for kids, educators and parents, so everyone has the tools they need to learn and participate in the conversation.

For kids

To help kids learn these lessons in a way that’s fun and immersive, we created an interactive, online game called Interland. It’s free and web-based so it’s easily accessible by everyone, and most importantly, it’s in a format kids already love. In this imaginary world of four lands, kids combat hackers, phishers, oversharers and bullies, practicing the skills they need to be good digital citizens.

For educators

We partnered with the Internet Keep Safe Coalition and educators across the country to create a classroom curriculum that brings the five principles of being Internet Awesome to life, at school. To practice being Internet Alert, for example, students can work together to identify whether websites and emails contain signs of a phishing attempt. The lesson plans, activities and worksheets align with the International Society for Technology in Education’s Standards for Students, which educators look toward to define skills for safe and positive action online.

“Building these skills in our students will require ongoing attention as new technologies pose challenges and opportunities for students both at home and at school,”  says Carolyn Sykora, Senior Director of Standards at ISTE. “Be Internet Awesome provides materials educators and parents can use to help students learn about online safety in a fun and engaging way.”

After reviewing the game and curriculum, ISTE has awarded Be Internet Awesome its Seal of Alignment for Readiness. Educators can find the curriculum on the Be Internet Awesome resource hub, or as part of a new online course in the Google for Education Training Center.

For parents and guardians

Without some guidance, having a meaningful conversation about digital safety and respect at home can be really hard. These are sensitive topics and parents may not know where to start. To help make starting the conversation easier, we teamed up with a group of YouTube creators, including John Green, the What’s Inside? Family and MinutePhysics, to launch the #BeInternetAwesome Challenge, a video series that makes talking about online safety fun and accessible. Families can reinforce important lessons at home by signing the Be Internet Awesome Pledge to stay smart, alert, strong, kind and brave online.

My team and I will continue Google’s work to make the Internet a safer, more positive place for kids, and this is an exciting new chapter in our ongoing efforts. Ready, set, Be Internet Awesome! g.co/BeInternetAwesome

Source: Education


“Be Internet Awesome”: Helping kids make smart decisions online

As a parent, I’m constantly talking with my two daughters about how they use the Internet. The way they use it to explore, create and learn inspires me to do my best work at Google, where I lead a team making products that help families and kids have positive experiences online. But for kids to really make the most of the web, we need more than just helpful products: We need to provide guidance as they learn to make their own smart decisions online.

This is one of the most significant issues that we all face as a new generation grows up with the Internet at their fingertips. It’s critical that the most influential people in our kids’ lives—parents and teachers, especially—help kids learn how to be smart, positive and kind online, just like we teach them to be offline. It's something we all need to reinforce together.

With school out and summer break giving kids more time to spend on the Internet, it’s a great time to introduce Be Internet Awesome: a new way to encourage digital safety and citizenship.

Developed in collaboration with online safety experts like the Family Online Safety Institute, the Internet Keep Safe Coalition and ConnectSafely, Be Internet Awesome focuses on five key lessons to help kids navigate the online world with confidence:

  • Be Internet Smart: Share with care
  • Be Internet Alert: Don’t fall for fake
  • Be Internet Strong: Secure your secrets
  • Be Internet Kind: It's cool to be kind
  • Be Internet Brave: When in doubt, talk it out

The program includes a range of specific resources for kids, educators and parents, so everyone has the tools they need to learn and participate in the conversation.

For kids

To help kids learn these lessons in a way that’s fun and immersive, we created an interactive, online game called Interland. It’s free and web-based so it’s easily accessible by everyone, and most importantly, it’s in a format kids already love. In this imaginary world of four lands, kids combat hackers, phishers, oversharers and bullies, practicing the skills they need to be good digital citizens.

For educators

We partnered with the Internet Keep Safe Coalition and educators across the country to create a classroom curriculum that brings the five principles of being Internet Awesome to life, at school. To practice being Internet Alert, for example, students can work together to identify whether websites and emails contain signs of a phishing attempt. The lesson plans, activities and worksheets align with the International Society for Technology in Education’s Standards for Students, which educators look toward to define skills for safe and positive action online.

“Building these skills in our students will require ongoing attention as new technologies pose challenges and opportunities for students both at home and at school,”  says Carolyn Sykora, Senior Director of Standards at ISTE. “Be Internet Awesome provides materials educators and parents can use to help students learn about online safety in a fun and engaging way.”

After reviewing the game and curriculum, ISTE has awarded Be Internet Awesome its Seal of Alignment for Readiness. Educators can find the curriculum on the Be Internet Awesome resource hub, or as part of a new online course in the Google for Education Training Center.

For parents and guardians

Without some guidance, having a meaningful conversation about digital safety and respect at home can be really hard. These are sensitive topics and parents may not know where to start. To help make starting the conversation easier, we teamed up with a group of YouTube creators, including John Green, the What’s Inside? Family and MinutePhysics, to launch the #BeInternetAwesome Challenge, a video series that makes talking about online safety fun and accessible. Families can reinforce important lessons at home by signing the Be Internet Awesome Pledge to stay smart, alert, strong, kind and brave online.

My team and I will continue Google’s work to make the Internet a safer, more positive place for kids, and this is an exciting new chapter in our ongoing efforts. Ready, set, Be Internet Awesome! g.co/BeInternetAwesome

“Be Internet Awesome”: Helping kids make smart decisions online

As a parent, I’m constantly talking with my two daughters about how they use the Internet. The way they use it to explore, create and learn inspires me to do my best work at Google, where I lead a team making products that help families and kids have positive experiences online. But for kids to really make the most of the web, we need more than just helpful products: We need to provide guidance as they learn to make their own smart decisions online.

This is one of the most significant issues that we all face as a new generation grows up with the Internet at their fingertips. It’s critical that the most influential people in our kids’ lives—parents and teachers, especially—help kids learn how to be smart, positive and kind online, just like we teach them to be offline. It's something we all need to reinforce together.

With school out and summer break giving kids more time to spend on the Internet, it’s a great time to introduce Be Internet Awesome: a new way to encourage digital safety and citizenship.

Developed in collaboration with online safety experts like the Family Online Safety Institute, the Internet Keep Safe Coalition and ConnectSafely, Be Internet Awesome focuses on five key lessons to help kids navigate the online world with confidence:

  • Be Internet Smart: Share with care
  • Be Internet Alert: Don’t fall for fake
  • Be Internet Strong: Secure your secrets
  • Be Internet Kind: It's cool to be kind
  • Be Internet Brave: When in doubt, talk it out

The program includes a range of specific resources for kids, educators and parents, so everyone has the tools they need to learn and participate in the conversation.

For kids

To help kids learn these lessons in a way that’s fun and immersive, we created an interactive, online game called Interland. It’s free and web-based so it’s easily accessible by everyone, and most importantly, it’s in a format kids already love. In this imaginary world of four lands, kids combat hackers, phishers, oversharers and bullies, practicing the skills they need to be good digital citizens.

For educators

We partnered with the Internet Keep Safe Coalition and educators across the country to create a classroom curriculum that brings the five principles of being Internet Awesome to life, at school. To practice being Internet Alert, for example, students can work together to identify whether websites and emails contain signs of a phishing attempt. The lesson plans, activities and worksheets align with the International Society for Technology in Education’s Standards for Students, which educators look toward to define skills for safe and positive action online.

“Building these skills in our students will require ongoing attention as new technologies pose challenges and opportunities for students both at home and at school,”  says Carolyn Sykora, Senior Director of Standards at ISTE. “Be Internet Awesome provides materials educators and parents can use to help students learn about online safety in a fun and engaging way.”

After reviewing the game and curriculum, ISTE has awarded Be Internet Awesome its Seal of Alignment for Readiness. Educators can find the curriculum on the Be Internet Awesome resource hub, or as part of a new online course in the Google for Education Training Center.

For parents and guardians

Without some guidance, having a meaningful conversation about digital safety and respect at home can be really hard. These are sensitive topics and parents may not know where to start. To help make starting the conversation easier, we teamed up with a group of YouTube creators, including John Green, the What’s Inside? Family and MinutePhysics, to launch the #BeInternetAwesome Challenge, a video series that makes talking about online safety fun and accessible. Families can reinforce important lessons at home by signing the Be Internet Awesome Pledge to stay smart, alert, strong, kind and brave online.

My team and I will continue Google’s work to make the Internet a safer, more positive place for kids, and this is an exciting new chapter in our ongoing efforts. Ready, set, Be Internet Awesome! g.co/BeInternetAwesome

Chrome: secure by default, for everyone

You shouldn’t need to be a security expert to browse the web, which is why we built Chrome to be secure by default, and easy to use safely by everyone. Chrome protects our users from malicious webpages by showing warnings more than 250 million times each month before users reach dangerous sites. We have also given more than $3.5 million to the security research community in rewards for helping us identify security bugs so we can fix them and strengthen Chrome. Here’s a refresher on how Chrome makes it easy for you to stay safe online.

Security by design

Chrome has used Google Safe Browsing for more than a decade to show you warnings before you visit a site that might be dangerous or deceptive. Safe Browsing launched in 2007 to protect people across the web from deceptive phishing sites, and has evolved to help protect against threats like dangerous malware across Chrome desktop and mobile. If you see a full-screen red warning, you’ll know that the page ahead might be dangerous.

ChromeSecurity_alert800px.png

There are lots of different players—like your internet service provider or your Wi-Fi network—that help get you connected online. Chrome will let you know if you’re securely connected directly to a site by showing a green lock in the address bar:

ChromeSecurity_bar.png

This means that you can be confident that you’re sending any information directly to that site, and it can’t be snooped on or tampered with by anyone else—even a curious person who also happens to be on the free coffee shop Wi-Fi!

Making security easy

Using unique, strong passwords is one of the most important things you can do to stay safe on the web. Chrome’s password manager, called Google Smart Lock, helps you remember your  passwords, so you’ll never have to reuse them. If you’re signed into Chrome, you can keep track of your passwords and Chrome will automatically fill them in on the right sites, across devices.

Finally, we know that you want to stay safe without the hassle of installing updates. Chrome automatically updates behind the scenes every six weeks to ensure that you always have the latest security features and fixes. And if we find an important security bug, we push out a fix within 24 hours—no update from you required.

ChromeSecurity_update.png

Our security team works hard behind the scenes, even (especially!) if you can’t see it happening. Check out our new Chrome Security page for more details, and for more news on security at Google, check out our Security Blog.

Source: Google Chrome


Chrome: secure by default, for everyone

You shouldn’t need to be a security expert to browse the web, which is why we built Chrome to be secure by default, and easy to use safely by everyone. Chrome protects our users from malicious webpages by showing warnings more than 250 million times each month before users reach dangerous sites. We have also given more than $3.5 million to the security research community in rewards for helping us identify security bugs so we can fix them and strengthen Chrome. Here’s a refresher on how Chrome makes it easy for you to stay safe online.

Security by design

Chrome has used Google Safe Browsing for more than a decade to show you warnings before you visit a site that might be dangerous or deceptive. Safe Browsing launched in 2007 to protect people across the web from deceptive phishing sites, and has evolved to help protect against threats like dangerous malware across Chrome desktop and mobile. If you see a full-screen red warning, you’ll know that the page ahead might be dangerous.

ChromeSecurity_alert800px.png

There are lots of different players—like your internet service provider or your Wi-Fi network—that help get you connected online. Chrome will let you know if you’re securely connected directly to a site by showing a green lock in the address bar:

ChromeSecurity_bar.png

This means that you can be confident that you’re sending any information directly to that site, and it can’t be snooped on or tampered with by anyone else—even a curious person who also happens to be on the free coffee shop Wi-Fi!

Making security easy

Using unique, strong passwords is one of the most important things you can do to stay safe on the web. Chrome’s password manager, called Google Smart Lock, helps you remember your  passwords, so you’ll never have to reuse them. If you’re signed into Chrome, you can keep track of your passwords and Chrome will automatically fill them in on the right sites, across devices.

Finally, we know that you want to stay safe without the hassle of installing updates. Chrome automatically updates behind the scenes every six weeks to ensure that you always have the latest security features and fixes. And if we find an important security bug, we push out a fix within 24 hours—no update from you required.

ChromeSecurity_update.png

Our security team works hard behind the scenes, even (especially!) if you can’t see it happening. Check out our new Chrome Security page for more details, and for more news on security at Google, check out our Security Blog.

How we stop fraudulent apps from holding you ransom

Recently we shared our 2016 Android Security Year in Review, which looks at how we protect Android users and their data. Today, we're taking a closer look at how we shield people from a rare—but particularly disruptive—potentially harmful app (PHA) known as ransomware. We’ve long had protections from ransomware in Android, and we added new ones in Nougat as well.

Ransomware is a type of app that restricts access to your device until a sum of money is paid. Ransomware usually presents itself in one of two forms: apps that restrict access to your device and then demand payment to regain access to the device, or apps that encrypt data on the device’s external storage (such as an SD card) and then demand payment to decrypt your data. To make the scam more convincing, fraudsters sometimes pretend to be from a credible law enforcement agency and accuse you of doing something illegal so you’re more likely to pay.

Although ransomware has begun to target mobile devices, it’s still rare: Since 2015, less than 0.00001 percent of installations from Google Play, and less than .01 percent of installations from sources other  than Google Play, were categorized as ransomware.  (That's less than the odds of getting struck by lightning twice in your lifetime!).

Ransomware_screen.png
Some examples of popular ransomware

And Android users have long been protected from ransomware. Our Google Play policies strictly prohibit apps that contain it, and if we ever detect these scams, we rapidly take action. Verify Apps, our security system that analyzes apps before they are installed and then regularly checks more than 400 million devices and 6 billion apps everyday for PHAs, is another safeguard. And Application Sandboxing, a technology that forces each app to operate independently of others, provides another layer of defense. Sandboxes require apps to mutually consent to sharing data, a protection which limits ransomware’s ability to access sensitive information like a contact list from another app.

Ransomware_sandbox.jpg

Ransomware protections in Android Nougat

With the release of Android 7.0 Nougat, we added to existing defenses against ransomware, and also made some changes to address some of the newer tactics of ransomware scams. Here are a few examples:

  • Safety blinders: Apps can no longer see which other apps are active. That means scammy ones can’t see what other apps are doing—and can’t inform their attacks based on activity.
  • Even stronger locks: If you set a lockscreen PIN prior to installing ransomware, ransomware can’t misuse your device’s permissions to change your PIN and lock you out.
  • Whacking clickjacking: “Clickjacking” tricks people into clicking something, often by obscuring permission dialogs behind other windows. You’re now protected from ransomware attacks that use this tactic to sneakily gain control of a device.

Protecting your data and device from ransomware

Even with all the safeguards we’ve built into Android and Google Play to protect you from ransomware, there are still a few things that you can do to keep your device safe.

  1. Only download apps from a trustworthy source, such as Google Play.
  2. Ensure Verify Apps is enabled.
  3. Install security updates and always ensure your device is updated to the latest version to get the best security protection.
  4. Back up your device.
  5. Be cautious. Take a moment to read reviews and other information about apps before installing, to make sure you download the app you’re looking for.

If you accidentally install ransomware on your phone, you have a few options. First, you can try to boot into safe mode. Starting your device in safe mode means your device only has the original software and apps that came with it. If an app is misbehaving but the issues go away in safe mode, the problem is probably caused by a third-party app downloaded on your device. If you can boot into safe mode, try to uninstall the app and then reboot the device. On a Pixel, you can get into safe mode with a keyboard combination that PHAs can't touch.

If safe mode doesn’t work, then you might have to reset your phone to factory settings. Many devices running Android allow you to remove dangerous apps by resetting it to factory settings (also referred to as formatting the device, or doing a "hard reset"). This should be your last resort, but if you’ve backed up your files, resetting your device should be easy. Check with your carrier or device manufacturer for instructions on how to reset your phone.

Ransomware on Android is exceedingly rare. Still, we’ve implemented lots of new protections in Nougat, and we continue to improve on the defenses that have long been in place. Those protections, along with extra vigilance about how you download your apps, will help keep you and your device secure.

Source: Android


How we stop fraudulent apps from holding you ransom

Recently we shared our 2016 Android Security Year in Review, which looks at how we protect Android users and their data. Today, we're taking a closer look at how we shield people from a rare—but particularly disruptive—potentially harmful app (PHA) known as ransomware. We’ve long had protections from ransomware in Android, and we added new ones in Nougat as well.

Ransomware is a type of app that restricts access to your device until a sum of money is paid. Ransomware usually presents itself in one of two forms: apps that restrict access to your device and then demand payment to regain access to the device, or apps that encrypt data on the device’s external storage (such as an SD card) and then demand payment to decrypt your data. To make the scam more convincing, fraudsters sometimes pretend to be from a credible law enforcement agency and accuse you of doing something illegal so you’re more likely to pay.

Although ransomware has begun to target mobile devices, it’s still rare: Since 2015, less than 0.00001 percent of installations from Google Play, and less than .01 percent of installations from sources other  than Google Play, were categorized as ransomware.  (That's less than the odds of getting struck by lightning twice in your lifetime!).

Ransomware_screen.png
Some examples of popular ransomware

And Android users have long been protected from ransomware. Our Google Play policies strictly prohibit apps that contain it, and if we ever detect these scams, we rapidly take action. Verify Apps, our security system that analyzes apps before they are installed and then regularly checks more than 400 million devices and 6 billion apps everyday for PHAs, is another safeguard. And Application Sandboxing, a technology that forces each app to operate independently of others, provides another layer of defense. Sandboxes require apps to mutually consent to sharing data, a protection which limits ransomware’s ability to access sensitive information like a contact list from another app.

Ransomware_sandbox.jpg

Ransomware protections in Android Nougat

With the release of Android 7.0 Nougat, we added to existing defenses against ransomware, and also made some changes to address some of the newer tactics of ransomware scams. Here are a few examples:

  • Safety blinders: Apps can no longer see which other apps are active. That means scammy ones can’t see what other apps are doing—and can’t inform their attacks based on activity.
  • Even stronger locks: If you set a lockscreen PIN prior to installing ransomware, ransomware can’t misuse your device’s permissions to change your PIN and lock you out.
  • Whacking clickjacking: “Clickjacking” tricks people into clicking something, often by obscuring permission dialogs behind other windows. You’re now protected from ransomware attacks that use this tactic to sneakily gain control of a device.

Protecting your data and device from ransomware

Even with all the safeguards we’ve built into Android and Google Play to protect you from ransomware, there are still a few things that you can do to keep your device safe.

  1. Only download apps from a trustworthy source, such as Google Play.
  2. Ensure Verify Apps is enabled.
  3. Install security updates and always ensure your device is updated to the latest version to get the best security protection.
  4. Back up your device.
  5. Be cautious. Take a moment to read reviews and other information about apps before installing, to make sure you download the app you’re looking for.

If you accidentally install ransomware on your phone, you have a few options. First, you can try to boot into safe mode. Starting your device in safe mode means your device only has the original software and apps that came with it. If an app is misbehaving but the issues go away in safe mode, the problem is probably caused by a third-party app downloaded on your device. If you can boot into safe mode, try to uninstall the app and then reboot the device. On a Pixel, you can get into safe mode with a keyboard combination that PHAs can't touch.

If safe mode doesn’t work, then you might have to reset your phone to factory settings. Many devices running Android allow you to remove dangerous apps by resetting it to factory settings (also referred to as formatting the device, or doing a "hard reset"). This should be your last resort, but if you’ve backed up your files, resetting your device should be easy. Check with your carrier or device manufacturer for instructions on how to reset your phone.

Ransomware on Android is exceedingly rare. Still, we’ve implemented lots of new protections in Nougat, and we continue to improve on the defenses that have long been in place. Those protections, along with extra vigilance about how you download your apps, will help keep you and your device secure.

How we stop fraudulent apps from holding you ransom

Recently we shared our 2016 Android Security Year in Review, which looks at how we protect Android users and their data. Today, we're taking a closer look at how we shield people from a rare—but particularly disruptive—potentially harmful app (PHA) known as ransomware. We’ve long had protections from ransomware in Android, and we added new ones in Nougat as well.

Ransomware is a type of app that restricts access to your device until a sum of money is paid. Ransomware usually presents itself in one of two forms: apps that restrict access to your device and then demand payment to regain access to the device, or apps that encrypt data on the device’s external storage (such as an SD card) and then demand payment to decrypt your data. To make the scam more convincing, fraudsters sometimes pretend to be from a credible law enforcement agency and accuse you of doing something illegal so you’re more likely to pay.

Although ransomware has begun to target mobile devices, it’s still rare: Since 2015, less than 0.00001 percent of installations from Google Play, and less than .01 percent of installations from sources other  than Google Play, were categorized as ransomware.  (That's less than the odds of getting struck by lightning twice in your lifetime!).

Ransomware_screen.png
Some examples of popular ransomware

And Android users have long been protected from ransomware. Our Google Play policies strictly prohibit apps that contain it, and if we ever detect these scams, we rapidly take action. Verify Apps, our security system that analyzes apps before they are installed and then regularly checks more than 400 million devices and 6 billion apps everyday for PHAs, is another safeguard. And Application Sandboxing, a technology that forces each app to operate independently of others, provides another layer of defense. Sandboxes require apps to mutually consent to sharing data, a protection which limits ransomware’s ability to access sensitive information like a contact list from another app.

Ransomware_sandbox.jpg

Ransomware protections in Android Nougat

With the release of Android 7.0 Nougat, we added to existing defenses against ransomware, and also made some changes to address some of the newer tactics of ransomware scams. Here are a few examples:

  • Safety blinders: Apps can no longer see which other apps are active. That means scammy ones can’t see what other apps are doing—and can’t inform their attacks based on activity.
  • Even stronger locks: If you set a lockscreen PIN prior to installing ransomware, ransomware can’t misuse your device’s permissions to change your PIN and lock you out.
  • Whacking clickjacking: “Clickjacking” tricks people into clicking something, often by obscuring permission dialogs behind other windows. You’re now protected from ransomware attacks that use this tactic to sneakily gain control of a device.

Protecting your data and device from ransomware

Even with all the safeguards we’ve built into Android and Google Play to protect you from ransomware, there are still a few things that you can do to keep your device safe.

  1. Only download apps from a trustworthy source, such as Google Play.
  2. Ensure Verify Apps is enabled.
  3. Install security updates and always ensure your device is updated to the latest version to get the best security protection.
  4. Back up your device.
  5. Be cautious. Take a moment to read reviews and other information about apps before installing, to make sure you download the app you’re looking for.

If you accidentally install ransomware on your phone, you have a few options. First, you can try to boot into safe mode. Starting your device in safe mode means your device only has the original software and apps that came with it. If an app is misbehaving but the issues go away in safe mode, the problem is probably caused by a third-party app downloaded on your device. If you can boot into safe mode, try to uninstall the app and then reboot the device. On a Pixel, you can get into safe mode with a keyboard combination that PHAs can't touch.

If safe mode doesn’t work, then you might have to reset your phone to factory settings. Many devices running Android allow you to remove dangerous apps by resetting it to factory settings (also referred to as formatting the device, or doing a "hard reset"). This should be your last resort, but if you’ve backed up your files, resetting your device should be easy. Check with your carrier or device manufacturer for instructions on how to reset your phone.

Ransomware on Android is exceedingly rare. Still, we’ve implemented lots of new protections in Nougat, and we continue to improve on the defenses that have long been in place. Those protections, along with extra vigilance about how you download your apps, will help keep you and your device secure.

Source: Android


Improve your nonprofit’s account security with 2-step verification

While online accounts allow nonprofits to easily communicate with partners, volunteers and donors across the world, this shared network can also leave your account vulnerable to intruders. As your nonprofit continues to grow its online presence, it’s crucial to keep confidential information (e.g., finances or donor’s information) safe. While passwords have historically been the sole guardian for online account access, research from Google has shown that many passwords and security questions can easily be guessed. That's why we strongly recommend that all nonprofits using GSuite for Nonprofits, or Google products like Gmail, use 2-Step Verification (2SV) as an additional protection on their account(s). 

Account hijacking—a process through which an online account is stolen or hijacked by a hacker—constitutes a serious threat to your nonprofit’s operations. Typically, account hijackings are carried out by phishing attempts or hackers who guess weak passwords. Because of this, it’s especially important for your nonprofit to maintain strong and unique account passwords to keep sensitive data safe.

But 2SV goes beyond just a strong password. It's an effective security feature that combines "something you know" (e.g., a password) and "something you have" (e.g., a text, a prompt, or a Security Key) to protect your accounts. Think of this like withdrawing money from an ATM/cash machine: You need both your PIN and your debit card.

Google Authentication app.png
Our free Google Authenticator app is available for Android and iOS devices, which generates a code for you each time you want to sign in to your account.

Now that you know what 2SV is, head over to our Help Page to start improving your nonprofit’s online security now. (Quick tip: Remember to keep your account settings up to date and configure backup options to use if your phone is ever lost or stolen). Stay safe, nonprofits!  

To see if your nonprofit is eligible to participate, review the Google for Nonprofits eligibility guidelines. Google for Nonprofits offers organizations like yours access to Google tools like Gmail, Google Calendar, Google Drive, Google Ad Grants, YouTube for Nonprofits and more at no charge. These tools can help you reach new donors and volunteers, work more efficiently, and tell your nonprofit’s story. Learn more and enroll here.

Improve your nonprofit’s account security with 2-step verification

While online accounts allow nonprofits to easily communicate with partners, volunteers and donors across the world, this shared network can also leave your account vulnerable to intruders. As your nonprofit continues to grow its online presence, it’s crucial to keep confidential information (e.g., finances or donor’s information) safe. While passwords have historically been the sole guardian for online account access, research from Google has shown that many passwords and security questions can easily be guessed. That's why we strongly recommend that all nonprofits using GSuite for Nonprofits, or Google products like Gmail, use 2-Step Verification (2SV) as an additional protection on their account(s). 

Account hijacking—a process through which an online account is stolen or hijacked by a hacker—constitutes a serious threat to your nonprofit’s operations. Typically, account hijackings are carried out by phishing attempts or hackers who guess weak passwords. Because of this, it’s especially important for your nonprofit to maintain strong and unique account passwords to keep sensitive data safe.

But 2SV goes beyond just a strong password. It's an effective security feature that combines "something you know" (e.g., a password) and "something you have" (e.g., a text, a prompt, or a Security Key) to protect your accounts. Think of this like withdrawing money from an ATM/cash machine: You need both your PIN and your debit card.

Google Authentication app.png
Our free Google Authenticator app is available for Android and iOS devices, which generates a code for you each time you want to sign in to your account.

Now that you know what 2SV is, head over to our Help Page to start improving your nonprofit’s online security now. (Quick tip: Remember to keep your account settings up to date and configure backup options to use if your phone is ever lost or stolen). Stay safe, nonprofits!  

To see if your nonprofit is eligible to participate, review the Google for Nonprofits eligibility guidelines. Google for Nonprofits offers organizations like yours access to Google tools like Gmail, Google Calendar, Google Drive, Google Ad Grants, YouTube for Nonprofits and more at no charge. These tools can help you reach new donors and volunteers, work more efficiently, and tell your nonprofit’s story. Learn more and enroll here.