Google has just announced that its strongest level of login security, known as its Advanced Protection Program, now extends to users who have Nest smart home devices (security cameras, thermostats, etc.) associated with their accounts.
The move comes as Google works to lock down the security of its Nest-brand products, with Google starting the process this month of mandating two-factor authentication for Nest users who’ve yet to migrate their accounts to Google.
Designed for users at “high risk of targeted online attacks,” such as journalists, politicians, activists, and business leaders, Google’s Advanced Protection Program offers a much tougher layer of security than two-factor authentication.
Not only do those enrolled in the program need their passwords to log into Google, they also need either a physical security key (users must have two security keys in total, including a backup), the built-in security key on a supported Android phone, or an iPhone with the Google Smart Lock app installed.
On its security blog, Google said that Nest support for its Advanced Protection Program was one of the “top requests” it had received from users. Previously, the Advanced Protection Program wasn’t an option for a Google account that had Nest devices associated with it.
On a support page, Google warns that Nest users who enroll in the Advanced Protection Program should only add other home members who they “trust,” and it “strongly” recommends that all their fellow Nest home members enroll in the Advanced Protection Program, too.
Google has been taking a variety of steps to shore up Nest’s security over the past several months. Besides mandating two-factor authentication, Google recently implemented reCAPTCHA Enterprise, a technology designed to guard against automated attacks, for non-migrated Nest accounts. Google also rolled out Nest login notifications, as well as checking for passwords that have recently been exposed by data breaches and automatically resetting accounts due to suspicious activity.