Google has introduced a security mechanism in which users can log into their Gmail accounts via a two-step authentication method. This means that once you’ve entered your password an extra step is required to gain access to your account. This layer of security makes it much more difficult for hackers to gain access to your account even with information such as your password. Adding onto that level of security, Google has added in a feature which is known as security or authentication USB key.
A security key allows you to use a physical USB key/thumb drive to act as that second factor login. This protects you in multiple ways. First off, it double checks that you’re on a verified Google site when logging in, otherwise it won’t allow access to the fake phishing site, which is a plus for online security. Additionally, since it requires a physical device to plug into your laptop/desktop in order to gain access, even if someone gains physical access to your computer or laptop, they still cannot access your google account data.
The protocol used is known as FIDO U2F (Universal 2nd Factor support), by FIDO Alliance. Any device using this encryption protocol can be used. YubiKey has been manufacturing the same product designed for cross-browser compatibility, also utilizing the same U2F protocol, their Neo key can be used for this purpose.
Due to the continuous amount of “cracking” and data breaches that are happening to worldwide online servers and datacenters, more online service businesses are prone to integrate this kind of technology to better secure their services. Google saw the value, as much of the time the security lies with the login requirements, as opposed to how secure the servers or firewalls are. Users now have an option to take initiative and responsibility to better secure their own accounts.
For the full list Google services currently compatible with the USB security authentication key, read Google’s complete post at; https://support.google.com/accounts/answer/6103523
Overall, this security key feature for Google means a couple of things
- Better protection against phishing
- Works without network connection
- No App – Not compatible via Mobile Devices (Requires USB port)
- Mobile devices can still utilize 2-step verification codes sent by SMS, and such.
- Only works with chrome
However if you meet everything above then by all means try it out. Better security is a standard that is applicable to everyone this day and age. Considering the amounts of data & information we have in our Google accounts, extra layers of protection are always good to have.
Whether it’s someone who cracks or phishes your password, or just gets direct access to a computer with your account logged in, they will automatically get booted out if you have use the usb key. The 2-step verification process is being widely adapted, and using established technology like a pen drive to work hand in hand with new security features is a great thing, mostly because it works and is inexpensive. Aside from that, it makes the two step process super simple. Simply plug in the USB that’s authorized and you’re good to go.
Google has a full page on common question & answer regarding the key which you can read here: https://support.google.com/accounts/answer/6103543?hl=en
The post answers important topics such as multiple account use, browser support, multiple computers, etc. If you care about the security of your account & want to enable 2-factor authentication via a physical device rather than retyping a code than this is for you. The process has never been simpler while lessening the chances of your account being breached. Also eliminating the tedious process of 2-step by making as simple as plugging in a USB. Find out more in the links above.