Security Shield.

Common questions about Advanced Protection Program.

Enrolling in Advanced Protection

Who should enroll in the Advanced Protection Program?

People whose accounts contain particularly valuable files or sensitive information should consider Advanced Protection. Google strongly recommends that journalists, activists, business executives, and people involved in elections enroll.

I have more than one account. Which one should I enroll?

If you’re at high risk for targeted online attacks, we recommend enrolling both your work and personal accounts, and possibly even your family members’ accounts.

I have a G Suite Account. Can I enroll?

If you have a G Suite Account (an organizational Google Account) you can enroll it individually with admin approval. Start the enrollment process to see if your admin has already enabled Advanced Protection. If not, speak to your admin directly.

I’m a G Suite administrator for a team or organization. Can I enroll everyone?

Yes. In fact, we recommend enrolling all of the accounts in any organization that might be targeted, such as a campaign; a political, journalist, or activist group; or an election-related organization.

Getting ready to enroll

How much does Advanced Protection cost?

The Advanced Protection Program is a free service. However, you may need to purchase a security key if you don’t have one.

Do I need any special hardware or software?

Yes, you should have two security keys, one of which can be your phone’s built-in key. You’ll need to have at least one security key with you when you enroll.

If your phone is running Android 7 or later, or iOS 10.0 or later with the Google Smart Lock app, you can use your phone’s built-in security key as your primary key. There’s no extra cost for using it. You should also purchase an external physical key as a backup.

If your phone can’t be used as a security key, you will need to purchase a physical key before you enroll in Advanced Protection. You should still order a second physical security key as your backup.

The price of security keys varies by model. You can purchase Google’s Titan Security Key or any key that supports the FIDO open standard. You’ll also have an opportunity to view recommended keys during enrollment.

If you’re part of a federal campaign, you may qualify for a free Google Titan Security Key. Google has partnered with Defending Digital Campaigns (DDC) to help safeguard campaign accounts, and make it easier for campaigns to enroll in Advanced Protection. Check your eligibility.

Is there anything I should set up before enrolling?

Yes. Add an email and phone number to your Google Account, so it’s easy to recover if you get locked out.

iPhone users

Using your account with Advanced Protection

What can I expect once I’m enrolled? What will be different?

Most of your day-to-day account activity will not feel different.

  • The biggest change will be that one of your security keys will be required when you sign in to your account on a new device (or sign in on your phone after signing out). The most convenient security key is the one built into your phone.
  • You may find you receive more alerts or warnings before downloading a file or installing an app. Strong protections against malware are built into all Google products, such as Google Play Store and Google Chrome, but Advanced Protection performs even more stringent checks.
  • A number of account security features that were optional will be automatically turned on and kept on for your account.

Using security keys

What’s a security key and how do I get one? How many do I need?

A security key can be built into your phone, or can be an external physical key, just as you would have for your house or car. Whether it’s your phone or an external physical key, you have an object in your possession that a hacker isn’t likely to have, even if they know your password.

Advanced Protection requires a security key when you sign in to your account on a new device (or on your phone, if you sign out and then back in again). Accounts that require keys are much safer from attacks than accounts that only require a password.

You’ll need at least one security key to enroll in Advanced Protection, and we strongly recommend adding a second key as a backup during, or very soon after enrollment.

The security key built into your phone

The most convenient security key is the one built into your phone — software that allows your phone to act as a security key. We recommend this as your primary account key.

This built-in key can detect when the device you’re signing in on is nearby, which means it’s likely that you’re the one signing in. Unauthorized users might be able to get your password, but are much less likely to have your phone nearby when they try to sign in to your account from another device.

External physical keys

Your second, backup key will be an external one. This key will keep you from getting locked out of your account if you lose your phone (or other primary key).

There are many kinds of external keys. You might plug a USB key into your phone to sign in, keep a Bluetooth key nearby, or hold an NFC key close to your phone when you sign in.

You can purchase Google’s Titan Security Key or any key that supports the FIDO open standard. You’ll also have an opportunity to view recommended keys during enrollment.

If you don’t have a phone running Android 7 or later, or iOS 10.0 or later, you won’t be able to use your phone as one of your security keys. You’ll need to purchase an external key as your primary key in order to enroll. You should still order a second one as your backup.

Will I need to keep my key with me all the time? What if I lose it?

You’ll need your security key for signing in to your Google Account on a new device, or in case you sign out of your account on your phone and then need to sign back in. This may not happen often, but you’ll want your key handy when it does. Remember to take it with you when you travel.

If you lose your key and are still signed in on one of your devices, visit account.google.com to add or replace a key. Otherwise, submit a request to recover your account. Google may take a few days to verify it’s you and restore your access.

Protecting elections

How can I enhance security for my account during election season?

To further protect accounts at a high risk of attacks during the U.S. election season, you can request enhanced security for your account here.

To make political organizations safer with Advanced Protection, we’ve partnered with Defending Digital Campaigns to provide free Titan Security Keys. Contact the DDC to see if your team is eligible for free keys.

For more FAQs, visit the
Advanced Protection Help Center.
Enroll in Advanced Protection.