Mountain View’s two-step authentication is about to get even better in Chrome, as the company announced the launch of physical USB Security Keys.
Until now, logging into your Google account while having the 2-step authentication active required you to enter either a code received on your phone via text message, or one generated by the Google Authenticator smartphone app (which in case you didn’t know, also works with Dropbox). Unlike Dropbox and other companies who have had security issues in the recent past, Google didn’t wait for its accounts to be compromised before beefing up its security measures, fact that should really be appreciated by its users.
In Google’s opinion, there are two reasons why the safety of the two-step authentication needed to be improved. First of all, there’s the risk of phishing. Hackers are able nowadays to replicate not only the login page to your Google account, but also the two-step authentication one. This way, if you’re not paying attention to what’s written in the address bar of your browser, you could become a victim and have your Google account compromised.
Secondly, there are situations when your smartphone doesn’t have a data connection, or when its battery runs out prior to using the Authenticator app. The USB Security Key, on the other hand, is always in your pocket, and can be attached to your keychain, so that you don’t misplace it.
The Google 2-Step Authentication Security Key isn’t pretentious in terms of the platform you’re using, as long as you have Chrome 38 or newer. In other words, it will work just fine on any device running ChromeOS, Windows, Mac OS, or Linux. Since both Chrome and the Security Key include the Universal 2nd Factor (U2F) open-standard developed by the FIDO Alliance, so any USB key compliant with this standard can be used.
Just to make sure that there are no misunderstandings, the Security Key isn’t here to entirely replace the codes that were used until now for the two-step authentication. As a matter of fact, you can continue using those, especially if you only use your Google account on mobile devices (even though USB OTG could be deployed in that case), or if you don’t use Chrome as your browser.
Be social! Follow Walyou on Facebook and Twitter, and read more related stories about the 7 million Dropbox accounts that might have been compromised, and the Tuit security ring that uses NFC to unlock your phone.
Arlo is following the leads of Nest and Ring in requiring tighter security for its smart home devices. It's warning customers that it'll require two-factor authentication for accounts by the end of 2020. As it explained in a support guide, you'll h...
Who said that Apple- and Google-powered devices can't work in harmony? Not Google. It's taking advantage of its recently added security key functionality to use your Android phone as verification for Google sign-ins on iOS devices. If you have Goo...
Until now, you've had to use Chrome to sign into your Google account with a security key. You won't have to be quite so choosy going forward, though. Google has transitioned to using the new Web Authentication standard for hardware-based sign-ins,...
Google just made it easier to lock down your account if you're a G Suite user. The internet giant is trotting out a series of updates for two-step verification, starting with the interface itself. You'll see new instructions text and images to walk...
