Google’s Titan Security Keys
Titan Security Keys make hardware-based two-factor authentication easy and practical for your online accounts. Google promises “the highest level of protection against phishing attacks”.
Google recently wrote that its 85,000 employees have been using similar physical security keys for months and that none of them have fallen victim to phishing attacks.
Currently Google (and other sites) offer two-factor authentication using a password and text message sent to your cellphone. However, hackers and criminals have increasingly been able to obtain cellphones and compromise users by intercepting the text message containing a security code.
Google’s Titan Key provides universal 2nd Factor Authentication (U2F) that is extremely difficult to compromise. Titan Keys simultaneously secure and simplify the two-factor authentication process. Users can quickly and securely log in to their accounts by inserting the Titan USB security key and pressing a button.
The Titan Key will come in two versions: One you can plug into computer’s USB port, and another that works with Bluetooth for mobile devices. The security factor is increase exponentially since you have to be near your computer or phone to use them. This eliminates the risk of the security code being intercepted, like that which is happening now with SMS-based two-factor authentication.
Of course, just looking at this from a practical point of view, losing your key would be very inconvenient as you would not be able to log in to your accounts. Google is going to have to have a quick but secure way of replacing lost security keys or this could turn out to be a bit messy. We don’t know what Google’s plans are yet for securely replacing lost (or stolen) security keys.
Security keys are available now to Google Cloud customers and will soon appear in the Google store. No pricing details are available at this time, but it’s expected that Google’s Titan Keys will cost around $20 (U.S.D.). Read more more about Google’s security keys here.
Security Keys might significantly increase the security of online accounts, but even two-factor authentication begins with a STRONG password. We recommend that you use a good password manager like LastPass (the free version works just fine). If for some reason you’r resistant to using a good password manager (but WHY?) then read our tips on creating strong passwords here.