Google rolls out support for USB Security Key
Google on Tuesday rolled out support for Security Key, an open-source platform, enabling users to log in to an account using a physical USB device.
The new feature can be used in place of the company’s currently used two-factor authentication mechanism, which requires users to enter one-time-use codes received via text message or generated with a mobile app when they log in from a new device. This means that users will not be required to pull out their smartphone and generate a security code every time they wish to check their email.
Users will just need to insert a USB Security key, based on the open Universal 2nd Factor protocol promoted by the FIDO Alliance, into a USB port and then instead of typing in a code, they can simply tap the USB device when prompted by Google Chrome. Google claims that the new security feature provides better protection against phishing.
“Today we’re adding even stronger protection for particularly security-sensitive individuals,” said Nishit Shah, a Google Security product manager, in a blog post.
“Security Key is a physical USB second factor that only works after verifying the login site is truly a Google website, not a fake site pretending to be Google,” Shah added.
According to Google, the Security Key only supports the version 38 or newer of the Google Chrome browser which means Firefox or Internet Explorer users will have to switch to Chrome if they want to make use of the new device.
Users can buy the Security Key specialized USB drives for under $20 on Amazon.