There’s always the risk that you can sign onto one of your online accounts only to find that someone else has taken it over without your knowledge or permission. That kind of situation was happening quite a bit to people who used Google’s online services such as Gmail in the past.
This week, Google posted word on its blog page that it has taken more steps to better protect user accounts from such activity. The efforts started in 2010 when Google noticed that hackers had made changes in their efforts to break into Google accounts.
The blog stated:
We’ve seen a single attacker using stolen passwords to attempt to break into a million different Google accounts every single day, for weeks at a time. A different gang attempted sign-ins at a rate of more than 100 accounts per second.
Google’s solution was to create a large number of variables, over 120 in fact, that are considered whenever a person signs onto a Google account. If a sign-in doesn’t agree with the variables, such as an account that’s accessed from a different country than usual, Google might ask the user a security question or their phone number.
Most hackers can’t answer that information and Google said that those efforts have caused account hijacks to go down by 99.7 percent since 2011. Of course, users can take their own steps to better protect their accounts, such as using two step notification for password confirmations, as well as stronger passwords and using more options for password recovery.
via Google reveals how it has improved user account security – Neowin.