Skip to main content

Security upgrade! Google will now let you log in with a special USB key

facebook security key by yubico
With countless security breaches taking place where data such as usernames and passwords falls into the hands of cybercriminals, Internet users are being increasingly encouraged to enable two-step verification with Web services that offer it.

This extra layer of security forces you to enter a dynamically generated code sent to a mobile device, together with the usual password. This beats hackers as they’d need not only your password, but your mobile device too, in order to break into your account.

While this might sound like enough to protect your Web accounts, Google on Tuesday announced it’s adding “even stronger protection” for its own online services, a move that it says is aimed at providing peace of mind for “particularly security-sensitive individuals.”

The method, called Security Key, uses the Universal 2nd Factor (U2F) protocol from the FIDO (Fast Identity Online) Alliance. It involves first pairing a small device, the key, with your Google account. After that, each time you log in with your password, you simply insert the key into your computer’s USB port, wait for a prompt (eg. a flashing light on the device), give it a tap, and you’re in.

A notable advantage of the key is that it offers improved protection against phishing scams as it only works with genuine Google sites rather than imitation sites designed to trick you into handing over sensitive data, such as your password.

“When you sign into your Google Account using Chrome and Security Key, you can be sure that the cryptographic signature cannot be phished,” Google’s Nishit Shah wrote in a blog post announcing the company’s new security measure.

However, be aware that if you’re logging in using a tablet that has no USB port, you’ll have to fall back on one of your other two-step verification options. Also, as Shah alludes to above, accessing your Google account using the key can currently only be done via the company’s Chrome browser.

“It’s our hope that other browsers will add FIDO U2F support,” Shah said in his post. “As more sites and browsers come onboard, security-sensitive users can carry a single Security Key that works everywhere FIDO U2F is supported.”

A number of firms make the special USB key, which costs upwards of around $10. One supplier, Yubico, offers a brief run through of how it works in the video below.

[Image: Yubico]

Editors' Recommendations

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Here’s why you need to update your Google Chrome right now
Google Chrome opened on a laptop.

Google has just released a new version of Chrome, and it's crucial that you get your browser updated as soon as possible.

The patch was deployed to fix a major zero-day security flaw that could potentially pose a risk to your device. The latest update is now available for Windows, Mac, and Linux -- here's how to make sure your browser is safe.

Read more
Google just thwarted the largest HTTPS DDoS attack in history
A depiction of a hacker breaking into a system via the use of code.

Google has confirmed that one of its cloud customers was targeted with the largest HTTPS distributed denial-of-service (DDoS) attack ever reported.

As reported by Bleeping Computer, a Cloud Armor client was on the receiving end of an attack that totaled 46 million requests per second (RPS) at its peak.

Read more
Zoom just fixed a major security flaw on Mac. Here’s why you should update now
The Logitech Brio 4K Pro attached to a Macbook.

If you have Zoom installed on your MacBook, you'll want to update the app right now. Zoom spent the weekend patching a major security flaw in its Mac app, and the update is available right now.

According to The Verge, it all began at Def Con, a computer security and hacker conference in Las Vegas. The founder of the security non-profit Objective-See and an ex-NSA security analyst, Patrick Wardle, took to the stage on Friday and presented a stunning find: a massive security vulnerability in the Zoom installer for MacBooks.

Read more