- Requiring a physical, USB Security Key to log in to your account.
- Only allowing specific apps to access to your Google data. For now, the only apps that can access your data will be Google’s own.
- Having additional reviews and procedures for any account changes or recovery requests.
This program isn’t for everyone—Google’s clear on that—but for journalists, campaign staffers, or anyone who might be at a higher risk for hacking or phishing, this appears to be an obvious preventive step.
For the rest of us, using a strong, unique password and turning on Google’s Two-Factor Authentication should be good start. It’s also worth checking out what apps have access to your account, and then removing the ones you don’t use anymore.