Google reveals two-step verification Security Key technology

22 Oct 20141 Share

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Internet search giant Google has introduced a new two-step verification Security Key that will only allow security-conscious users to log into their favourite Google sites if they plug the USB device into their computer.

In these increasingly threatening times you can never be too careful about password protection and in recognition of this Google has brought out a new technology it calls Security Key.

The technology provides a physical second factor that only works after verifying the login site is a real Google site and not a fake site pretending to be Google.

“Rather than typing a code, just insert Security Key into your computer’s USB port and tap it when prompted in Chrome,” explained Nishit Shah, product manager at Google Security.

“When you sign into your Google account using Chrome and Security Key, you can be sure that the cryptographic signature cannot be phished.”

U2F protocol

The new Security Key and Google’s Chrome browser incorporate the open Universal 2nd Factor (U2F) protocol from the FIDO Alliance.

Security Key works with Google Accounts at no charge, but users would need to buy a compatible USB device directly from a U2F participating vendor.

“It’s our hope that other browsers will add FIDO U2F support, too,” Shah said.

“As more sites and browsers come on board, security-sensitive users can carry a single Security Key that works everywhere FIDO U2F is supported.”

USB Security Key image via Shutterstock

Editor John Kennedy is an award-winning technology journalist.

editorial@siliconrepublic.com