When it comes to the eternal tradeoff between digital security and convenience, most tech firms focus their efforts on the vast majority of people who choose a painless user experience over a paranoid one. But Google is adding a set of features specifically targeted at those who prefer the latter. You can now lock down your account to a degree that no other major tech firm has ever offered directly to users, convenience be damned.

On Tuesday, Google announced the launch of a new "advanced protection" setting for Google accounts, which makes it harder than ever for hackers to break into your sensitive data on Gmail, Google Drive, YouTube or any other Google property. The opt-in, ultra-secure mode is intended for truly high-risk users, including those who face the threat of state-sponsored, highly resourced cyberespionage. Think politicians and officials, high net-worth individuals, activists, dissidents, and journalists.

As such, it's a strict and unforgiving system, designed to reinforce every possible weak link that hackers could use to hijack your account. Logging in from a desktop will require a special USB key, while accessing your data from a mobile device will similarly require a Bluetooth dongle. All non-Google services and apps will be exiled from reaching into your Gmail or Google Drive. Google's malware scanners will use a more intensive process to quarantine and analyze incoming documents. And if you forget your password, or lose your hardware login keys, you'll have to jump through more hoops than ever to regain access, the better to foil any intruders who would abuse that process to circumvent all of Google's other safeguards.

"This is basically an extremely heavy-duty way of locking down an account," says Joseph Lorenzo Hall, the chief technologist for the Center for Democracy and Technology. "Even for people with very limited technology chops, this is a way for them to have an extremely protected profile."

The Advanced Protection rollout comes in the wake of a series of sophisticated hacking campaigns that have targeted Gmail and focused on the accounts of journalists, activists, and political opponents of the Russian government. Most public of those was the Kremlin-backed intrusion that hit the Gmail account of Hillary Clinton campaign manager John Podesta and led to WikiLeaks trickling out his emails for weeks, with far-reaching political reverberations.

"There is an overlooked minority of our users that are at particularly high risk of targeted online attacks," reads a blog post about the new feature from Google's security team. "For example, these might be campaign staffers preparing for an upcoming election, journalists who need to protect the confidentiality of their sources, or people in abusive relationships seeking safety."

Or, as CDT's Hall puts it, "If John Podesta had been able to turn this on sometime last year, the world might be a very different place."

Of all its tightened security measures, Advanced Protection's biggest day-to-day change for most users will likely be its requirement that they use a physical piece of hardware with every login. Users will have to buy their own so-called Universal Second Factor or U2F keys—one USB key for their desktop that costs around $20, and one Bluetooth-LE-enabled key for mobile that's closer to $25. Google says it supports any keys approved by the FIDO Alliance, a group that manages identity and authentication protocols.

Those devices represent a significant step up from the purely digital two-factor authentication that has become the Silicon Valley standard. That added layer of protection sends temporary login codes to users via SMS, or generates them with a smartphone app like Google Authenticator. Requiring a U2F token instead of that code makes impersonating a user far more difficult. Unlike one-time codes, those tokens can't be intercepted on the carrier network, or obtained by hacking someone's smartphone. More importantly, the hardware-enabled login isn't vulnerable to phishing sites that spoof Google's login page, and then use a stolen code and password to immediately hijack the user's account. The U2F key performs its own authentication step with Google's site to check it's legit, and only then supplies a key that logs the user in with no need to type a code.
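
The origin check described above can be shown with a short simulation. This is an added example, not code from the article or from Google: it is simplified, HMAC-SHA256 stands in for the ECDSA signature a real U2F key produces, and the function names and the look-alike origin are constructed for illustration.

```python
import hashlib, hmac, json, os

ORIGIN = "https://accounts.google.com"              # legitimate login origin
PHISH = "https://accounts.google.com.evil.example"  # constructed look-alike

class Token:
    """Simulated U2F key. HMAC-SHA256 is a stand-in (assumption) for the
    ECDSA P-256 signature real keys produce, to stay in the stdlib."""
    def __init__(self):
        self._keys = {}                       # SHA-256(origin) -> per-site secret

    def register(self, origin):
        key = os.urandom(32)
        self._keys[hashlib.sha256(origin.encode()).digest()] = key
        return key                            # stand-in for the public key

    def sign(self, origin, client_data):
        key = self._keys.get(hashlib.sha256(origin.encode()).digest())
        if key is None:
            return None                       # no credential for this site
        return hmac.new(key, client_data, hashlib.sha256).digest()

def browser_sign(token, page_origin, challenge):
    # The browser, not the page, records the origin it is actually on.
    client_data = json.dumps(
        {"challenge": challenge.hex(), "origin": page_origin}).encode()
    return client_data, token.sign(page_origin, client_data)

def server_verify(key, challenge, client_data, sig):
    if sig is None:
        return False
    data = json.loads(client_data)
    expected = hmac.new(key, client_data, hashlib.sha256).digest()
    return (hmac.compare_digest(sig, expected)
            and data["origin"] == ORIGIN
            and data["challenge"] == challenge.hex())

def login_attempt(page_origin, register_phish=False):
    """Return True if the real server would accept a login made from page_origin."""
    token = Token()
    key = token.register(ORIGIN)              # user enrolled with the real site
    if register_phish:
        token.register(PHISH)                 # user was tricked into enrolling
    challenge = os.urandom(32)                # issued by the real server
    client_data, sig = browser_sign(token, page_origin, challenge)
    return server_verify(key, challenge, client_data, sig)
```

A response produced on the look-alike page fails either because the token holds no credential for that origin or because the signed origin does not match what the server expects, which is the property a typed one-time code lacks.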