Android Phones Now Accepted as Hardware Key for Google Login
Apr 10, 2019, 1:34 PM by Rich Brome
Google has expanded the two-step verification options when logging into Google services on a tablet or computer to allow the use of any Android 7+ phone as a hardware security key. The option is available today, for both personal and business accounts. It requires the Google Chrome browser on the computer or tablet. After entering their password on the computer or tablet, the user only needs to press one button on their phone, initiating the secure exchange of cryptographic keys over Bluetooth, which completes the login. Passwords alone only provide limited security, so two-step verification (2SV) is recommended for most users. Basic versions of 2SV use one-time codes, sent via text or app, as an additional password. But users can be tricked into giving these codes to attackers, and in some cases the codes can be intercepted. The most secure 2SV relies on a separate physical device carried by the user. Google sells such a keychain device — the Titan Security Key — for $50. Now any Android 7+ phone can serve that purpose, although Google still recommends a secure backup key in case the phone is lost.
Comments
No messages