Google on Wednesday announced its Titan security key for physical two-factor authentication. It is a small device, the size of a USB drive that stores hidden online logins. It has a button that you tap instead of retyping codes to log in to whichever service you are using. The key uses cryptography to provide two-way verification.
How it works is when you enter your password, pair the Bluetooth key or plug in the USB key to prove that you are who you say you are. Unlike other 2-step verification methods that use one-time codes via text message, security keys don’t require a phone number on your account.
The Titan security key goes further than traditional two-step verification, requiring you to use a physical Security Key in addition to your password to sign in to your account.
Google's employees have been using the key as their Advanced Protection Program for about a year. Out of the 85,000 employees, not one has been subjected to phishing attacks within that time.
The key comes in two types - one Bluetooth and one USB drive and allows only Google apps and select third-party apps that enables users to turn on universal two-factor authentication to access your emails and Drive files. It uses protocol approved by FIDO alliance.
The Titan key will be available for sale in Google's online store soon (how soon, we're not sure) and will also be able to warn you about visiting a phishing website.
Here’s how to use the key:
To set up the key from your Google account, you have to go into your privacy and security settings and turn on two-factor authentication on your account. It will ask you to sync your phone and will send you a code to set up your two-factor authentication.
After setting up, go back to the two factor authentication menu and select security key to know all about how to use the key.
To add a key to your account:
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)