Google has announced that it will be providing a ‘Security Key’ through a USB device to those users who have enabled the Google two-factor authentication for all your Google accounts including Gmail, Google plus, Youtube, Chrome and others.With the Google’s all new Security Key feature, there’s no looking at codes and re-typing―you simply insert your Security Key into your computer’s USB port when asked.
What is this Security Key ?
Google will provide a new security key through a USB device which enables 2-factor-authentication , instead of texted security codes you can simply plugin the device and its done.
Better Security ?
With the new security key your Google accounts will have more security than earlier, the two factor authentication in which Google sent you a texted message had a drawback in case of a sophisticated attacker could set up a lookalike site (phishing) or in case you your mobile was stolen or you simply lost it. With the new security key users wont face such kind of problem. If you happen to lose your security key (if its stolen) unauthorized access is not possible as all your google accounts will always ask for its passwords as usual. In a different scenario where your Google account is hacked somehow (Password stolen), the password theft is useless for the hacker until he plugs in the security key which in combination with the username and password can open your account. And this seems difficult for the hacker to arrange for all three, your user id, password and the security key.
Compatibility and Requirements :
In order to use the security key you will require a computer running Google Chrome version 38 or newer on ChromeOS, Windows, Mac OS, or Linux. Mobile users are suggested not to opt to this service.
How do I get a Security Key?
Any USB device compliant with the “FIDO Universal 2nd Factor (U2F)” open standard can be used as a security key. the devices are available for sale online.
Disadvantages of opting for the USB based Security Key.
This issue has not been discussed at all. For one, those accounts which have multiple users with a single Google account will find it difficult to log in unless they buy the security key for all the users. If you happen to lose the USB key, you will have to buy a new one from Google which means that Google has a steady stream of income. By the looks of it, the USB based security key is pretty losable so think twice before you opt for it. Though Google says that “you’ll still be able to use a verification code the way you normally do on any device that doesn’t support Security Key” how that will work out is not mentioned.
Given the recent cyber security environment with the leaks, hacks and breaches happening everyday, it seems Google engineers and marketeers have hit on this brilliant idea of making security a revenue stream. Those who are security enthusiasts and very security conscious can opt for the security key and buy the FIDO U2F Security Key for $5.99.