Google Introduces USB Security Key for 2-Step Verification

Few days back we were discussing on how to keep your Passwords and Online Accounts Safe; one of the tips was to use the Two Factor Authentication. Google today introduced the two step verification with Security Key. One can now choose Security Key as the primary method, instead of having verification codes sent to the phone.

With Security Key, one does not need to look or wait for codes on the phone and then re-type it; rather he/she can simply insert the Security Key into computer’s USB port when asked.

google_keyAs Google explains in a blog post, there are two advantages to using Security Key over a mobile device:

  • Better protection against phishing. Google sends a verification code to your phone when you try to sign in to confirm it’s you. However, sophisticated attackers could set up lookalike sites that ask you to provide your verification codes to them, instead of Google. Security Key offers better protection against this kind of attack, because it uses cryptography instead of verification codes and automatically works only with the website it’s supposed to work with.
  • No mobile connection or batteries needed. Security Key works without a data connection, and you can carry it wherever you go on a keychain or in your wallet.

To use Security Key, one will need a computer running Google Chrome version 38 or newer on ChromeOS, Windows, Mac OS, or Linux. Security Key and Chrome incorporate the open Universal 2nd Factor (U2F) protocol from the FIDO Alliance, so other websites with account login systems can get FIDO U2F working in Chrome today.

Security Key works with Google Accounts at no charge, but you’ll need to buy a compatible USB device. You can buy one at Amazon here.