Google hasn’t suffered an employee phishing compromise in over a year

Phishing attackers have failed to compromise a single employee account at Google since the company mandated authentication using U2F hardware tokens in early 2017. That’s the remarkable claim made to security writer Brian Krebs.