Brian Krebs has written a blog post about how Google has been using security keys to neutralize phishing of their employees. It stops the phishing quite well but comes at a high cost. No, not the hardware cost of a security dongle, it's the cost of losing third-party mail applications like Thunderbird and their add-ons like Enigmail.
I have been using Advanced Protection for several months now without any major issues, although it did take me a few tries to get it set up correctly. One frustrating aspect of having it turned on is that it does not allow one to use third-party email applications like Mozilla’s Thunderbird or [others]. I found this frustrating because as far as I can tell there is no integrated solution in Gmail for PGP/OpenGPG email message encryption, and some readers prefer to share news tips this way. Previously, I had used Thunderbird along with a plugin called Enigmail to do that.
(Score: 0) by Anonymous Coward on Wednesday July 25 2018, @08:09PM
Another bonus of app passwords is that Google locks those out if it detects reuse but doesn't lock out your primary account access. You can just go in and change out the password.