While Ms Adkins is not directly responsible for countering attacks on Google's customers, such as "Gooligan'' and last year's "spear-phishing" hack into the Gmail account of John Podesta, Hillary Clinton's campaign chair, she works closely with specialised group the Android security team, because the same hackers tend to be a threat to both.

"Hackers take many routes to reach their goals, and Google's own infrastructure is one of them," Ms Adkins said.

Setting an example

Google and its parent company Alphabet are understood to have suffered no major breaches of their corporate networks since a Chinese attack in 2009.

That is not for want of criminals trying. The year 2016 saw a 65 per cent year-on-year increase in the number of reported "phishing" attacks, where people are tricked into exposing online account usernames and passwords, or into visiting websites that download "ransomware'' into their systems.

Ms Adkins says she wants to kill off passwords as a security measure. Pawel Kopczynski

Ms Adkins said Google tried to set an example for other organisations to follow in preventing such attacks.

For instance, while Google customers would be familiar with its "two-step verification" system, where a login to a Google account must be confirmed via a code that is text-messaged to a linked telephone number, Google employees must confirm by placing their finger on a "security key" in their smartphones or USB ports.


The technology behind such "universal second factor" devices is now open-source, and Ms Adkins hopes it will go mainstream.

"We need to rid the world of passwords, which have always been a terrible way to secure computers," she said.

Google security staff are experimenting with a 'vitamin pill' that a user could take daily to strengthen their biometric identity signals. Quentin Jones

Guinea pigs

Google's own staff are the guinea pigs for the password-killing "Project Abacus" out of its "advanced technology & projects" unit, which uses a combination of signals such as voice and facial recognition, typing patterns, walking patterns and location to build an alternative, hacker-hindering form of user verification.

Ms Adkins revealed the unit was even experimenting with a "vitamin pill" that a user could take daily to strengthen their biometric identity signals.

Corporates should consider handing out less complex computers to their employees, Ms Adkins advised.

"The platform I worry about least in all of Google is the Chromebooks our people carry around, because they've got such a small footprint – a Chrome browser and that's it," she said.

"Most PCs are essentially supercomputers. You can run databases on them, web servers on them, it increases the vulnerability if they fall under the wrong control. The web nowadays is going to be a rich enough experience for most of your staff."

Chrome's "safe browsing" technology is now flagging to its users an average of more than 1 million malware or "phishing'' sites every day, double the number in 2012, according to Google's own transparency reports.