Google Increases Two-Step Security By Introducing USB Security Key

October 21, 2014 - Written By John Anon


Security is a big deal nowadays. Being safe and secure has always been somewhat of a big deal and especially online but never more so than this year. If cyber criminals are not trying to steal your bank details or identity then they are trying to hack your social media and steal your nudie selfies. Either way being secure online is becoming more prevalent with each media news clip we hear. As security becomes a bigger deal this also means it is becoming bigger business. It was only a couple of weeks ago we sat Apple’s Tim Rice and Google’s Eric Schmidt battled it out in their respective interviews with both suggesting their systems and products were safer than the other.

Google in particular is very concerned about security and as such some time ago introduced two-step verification for its Google Ecosystem. For those interested in two-step security then in short this simply means as well as entering your password a second level of security is enacted. This typically involves Google sending a registered device (phone) a code which has to also be entered when you log-in to a Google service. This occurs every time you sign in with the second step (phone code) changing each time. Well it now seems Google are taking the two-step verification even further. Today Google and more specifically Google Chrome became the first web browser to implement support for FIDO (Fast IDentity Online). In contrast to the password/phone two-step verification, the new and more secure verification announced today involves users obtaining a FIDO compatible security key. In short this is simply a USB stick which requires users to plug in the stick as the second step. Without the USB stick, users would not be able to access the relevant services. As such it is rather obvious that this is not a means of security for everyone. For instance, mobile devices cannot use USB sticks and as such this would not work for mobile security at all and the service is only compatible with Chrome meaning it wont work with other browsers.

So yes, this is not a solution of everyone but if security is a concern for you then currently this is one of the most secure methods available. With the reliance of the physical key to access services this would be a good solution for businesses that work from a static location and want to ensure the security of their Google accounts. If that’s you then you can find out more by following the link over to the Google Security blog.