Google today announced that any phone running Android 7 or higher can now be used as a security key for two-factor authentication. Therefore, you can use your phone when you need a second device to verify your login. Users with Android smartphones are more intuitive because the Google Authenticator app includes Bluetooth.
To set your Android phone as a security key, check your login by dialing your Chrome browser via Bluetooth. Works with Gmail, G Suite, Google Cloud, and other Google Account services. Google can sign up for another website later, but we're verifying your authentication service.
With 2-step verification, you can prevent unauthorized sign-in if someone gets your password. This can create a risk to your account due to leak and phishing attacks. It is recommended that everyone use their mobile phone as a security key, but it is especially recommended for "journalists, activists, business leaders, and political campaigning teams who target online attacks."
Two-step verification is equally secure, and Google's new option should be one of the better options. Your Android phone and Chrome browser communicate with each other to make sure that the site you sign in to is legitimate. Use two authentication protocols [FIDO] and [WebAuthn] to double-check that you are at the correct site without phishing.
To activate your Android phone as a security key, you need to have a separate Chrome browser open on your device running Android 7+ and Chrome OS, macOS or Windows 10 devices. First, sign in to your Google Account on your Android phone and turn on Bluetooth. Then open Chrome's myaccount.google.com/security on the second device and tap & # 39; 2-step verification. & # 39; Select the option to add a security key and select your phone from the device list.
With Pixel 3, you can store your FIDO credentials in Pixel's Titan M chip to verify that the button presses are legitimate, so you can activate the security key using the Volume Down button. You can still use 2-step verification on other Android 7+ devices, but you'll need to sign in and tap the button.
This service is currently available on Android phones only and is available exclusively. Log in to Google services, not third-party sites. Because Google's new technology runs on the same protocol, including the FIDO standard, physical security keys are only a matter of time before other companies implement similar technologies. Other browsers other than Chrome can also be supported, and other services will eventually be able to use your Android phone as a security key. Google says it is working on its final goal.