Google improves two-step verification by turning your Android phone into a security key

Google improves two-step verification by turning your Android phone into a security key

Google seems to be putting more effort than ever into keeping Android users safe and sound against both potentially harmful applications and good old fashioned hackers. At the same time, traditional passwords are gearing up to go the way of the dodo, making space for more sophisticated methods of authentication, and now two-step verification is taken to the next level of convenience with a simple new feature.

This is all part of the search giant's grand plan to make our digital lives safer and easier, as the latest technology unveiled yesterday essentially makes physical security keys obsolete. That's because any Android phone running OS version 7.0 and up can basically become a security key now to add an extra layer of protection to your Google Account sign-ins.

Of course, two-step verification (or 2SV) has been around for a long time, allowing users to strengthen their passwords with things like text message codes and push notifications. While that's definitely preferable to using no second verification step to log into your account, it's also pretty vulnerable to modern phishing attacks. The same goes for your actual password, which is why you should absolutely buy a physical security key if you're worried about hacks... or simply use what you already have in your pocket to protect your account.


To turn your phone into a security key, you obviously need to add your Google Account to it first and foremost, then activate the 2SV feature. After accessing your security settings, you'll find an option to "set up an alternative second step", which will then allow you to easily enable your Android phone's newly added security key capabilities. Once that's done, trying to sign into your account using the Chrome browser on a computer with its Bluetooth support activated will send a notification to your handset (which also needs its Bluetooth and location services to be enabled).

The idea is you'll have to keep the phone close to the computer when verifying the sign-in process by following a few simple instructions, which will make account phishing practically impossible. That's such a neat and straightforward way to boost your online security that we're amazed it's taken Google this long to roll the feature out. And mind you, this is still a beta program, so we may have to wait a little longer until it becomes 100 percent reliable. It would also be nice if the company added support for other browsers in the near future.

FEATURED VIDEO

5 Comments

1. iloveapps

Posts: 582; Member since: Mar 21, 2019

I thought android had this before.

2. vincelongman

Posts: 5628; Member since: Feb 10, 2013

This adds another layer of security It uses bluetooth to check to see if your phone is near the PC you are logging into

3. vincelongman

Posts: 5628; Member since: Feb 10, 2013

And for Pixel 3s it uses the Titan M chip to verify you've pressed the volume button I wonder if Google will start selling the Titan M chip to other OEMs But I don't think many OEMs would care enough about security to buy it

4. Valdomero

Posts: 653; Member since: Nov 13, 2012

What if you are have butter hands and the volume button is broken for all those unfortunate falls on the floor? Is it possible to assign another button? there's like 3 buttons on newer phones nowadays.

5. jeffpom

Posts: 54; Member since: Dec 11, 2016

I work in prepaid cellular. The problem with 2 step verification is those everyday users that never know their password or their information, never sign in anywhere. Then they need a new phone, and we can't get into their account, because they forgot their password and don't have another phone to approve sign in. Frustrating. I can see this happening with something like this. Don't have your phone on you, or lost it, or it's dead, or whatever.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.