To enhance security measures, a number of firms have opted for the 2 step verification that involves sending an access code to a cell phone apart from the password protection that exists already. However, Google has plans to enhance this even more by introducing a security key that will keep the hackers away.
Upon using the Security Key, users are capable of accessing the Google account, sign into Chrome only when this Security Key is plugged into the computer’s USB port and the password has been entered. The key can be used with only a single connected Google account that has been linked during the process when it was being set-up.
The access will be granted only when the password entered is the same as that of the account it is connected to. The Security Key is being sold by Yubico and doesn’t require drivers or any software prior to using it. This results in removing another potential point that can be exploited by the hackers. Apart from giving protection to Google accounts, the Yubico’s key also works by supporting the Universal 2nd Factor specification on websites. The U2F is an authentication standard that was created by the Fast IDentitiy Online (FIDO) Alliance, the security industry consortium.
The product manager at Google Security, Nishit Shah, said, “If you use 2-Step Verification, you can choose Security Key as your primary method, instead of having verification codes sent to your phone. With Security Key, there’s no looking at codes and re-typing – you simply insert your Security Key into your computer’s USB port when asked.”
Mr Shah further added, “Sophisticated attackers could set up lookalike sites that ask you to provide your verification codes to them, instead of Google. Security Key offers better protection against this kind of attack, because it uses cryptography instead of verification codes and automatically works only with the website it’s supposed to work with. No mobile connection or batteries needed. Security Key works without a data connection, and you can carry it wherever you go on a keychain or in your wallet.”