Skip to main content

Google Launches USB-Based "Security Key" To Strengthen 2-Step Verification











Google is taking its users’ privacy very serious and making every possible effort for its users just to make them feel secure when they are online.


Today, the tech giant has announced its enhanced two-step verification service that is based on a physical USB key, adding yet another layer of security to protect its users from hackers and other forms of online theft.


SECURITY KEY- 2 STEP VERIFICATION USING USB DRIVES
The "Security Key" feature will currently work on Chrome and will be free for Google users, but the company also notes that the Security Key is supporting the open Universal 2nd Factor (U2F) protocol from the FIDO Alliance, which will allow users to log in to Google Accounts by inserting a USB device into their systems.




By letting users protect their accounts using two-factor authentication based on physical USB keys, it will be no longer any compulsion for you to type in the six-digit authentication code in Google's Gmail or your Google Account. The Security Key ensures access via both your physical presence and your login password.
"Today we’re adding even stronger protection for particularly security-sensitive individuals," Nishit Shah, security product manager at Google, said in a blog post. "Security Key is a physical USB second factor that only works after verifying the login site is truly a Google website, not a fake site pretending to be Google."
YOUR PASSWORDS ARE SECURED
Furthermore, the Security Key platform will also look for foil phishing attacks by not providing a cryptographic signature to the site, preventing spoof sites from collecting username and password combinations of users forman-in-the-middle attacks.
"Rather than typing a code, just insert Security Key into your computer’s USB port and tap it when prompted in Chrome. When you sign into your Google Account using Chrome and Security Key, you can be sure that the cryptographic signature cannot be phished."



NOBODY CAN ACCESS MY GMAIL ACCOUNT
Security key is meant for users who seek for higher level of security on their accounts and by implementing it, users will enjoy hack-free Google accounts, because cyber thieves will be restricted from accessing the account even if they have the correct credentials, or your stolen mobile phone — since they don’t have the Security key.

However, simply inserting a USB key before logging in, a password is still required. So that cyber thieves would not be able to log into your account just by stealing your Security key. But, if your account password is compromised somehow, it would be useless for hackers without the corresponding Security key.


SECURITY KEY ALSO WORKS FOR OTHER SITES WITH U2F SUPPORT
Since the protocol is supported by Chrome, other websites besides Google can also opt Security key feature to provide stronger authentication options to their users. "As more sites and browsers come on-board, security-sensitive users can carry a single Security Key that works everywhere FIDO U2F is supported," Shah said.


Google is offering the Security key feature on all Google Account sites for free, but in order to use the service, users need to buy a USB device from an outside vendor such as Amazon or other retailers. Right now, the Google Security Key system works only in Chrome, but if other browsers and additional sites implement the U2F protocol, the same Security Key will work with them, too.

Comments

Popular posts from this blog

Pebble - E-Paper Watch for iPhone and Android

CUSTOMIZE YOUR PERFECT WATCH. IT'S AS EASY AS DOWNLOADING AN APP. Pebble is the first watch built for the 21st century. It's infinitely customizable, with beautiful downloadable watchfaces and useful internet-connected apps. Pebble connects to iPhone and Android smartphones using Bluetooth, alerting you with a silent vibration to incoming calls, emails and messages. While designing Pebble, we strove to create a minimalist yet fashionable product that seamlessly blends into everyday life. WHAT Apps bring Pebble to life. We're building some amazing apps for Pebble. Cyclists can use Pebble as a bike computer, accessing the GPS on your smartphone to display speed, distance and pace data. Runners get a similar set of data displayed on their wrist. Use the music control app to play, pause or skip tracks on your phone with the touch of a button. If you're a golfer, feel free to bring Pebble onto the course. We're working with Freecaddie to create a great golf ...

Is Blockchain the new digital era ?

There is nothing more powerful than an idea, whose time has come. What is Blockchain ?  Blockchain is a set of growing records that are bound with one another using cryptographic algorithms. It allows records, called as blocks to be distributed among different system without being copied. Imagine that, you can see all the transactions that are being carried out in your bank. The main ledger, if is seen by thousands of people, would there be any malpractice anymore. The prime idea of blockchain was for Bitcoin, but now the tech community is now finding other potential uses for the technology. What is Bitcoin ? It is the first decentralized digital currency, as the system works without a central bank or single administrator. The system works as a peer-to-peer network, in which transactions take place between users directly, without an intermediary. These transactions are verified by blockchain. Bitcoin was invented by an unknown person or group of people us...

PENETRATION TESTING

What is Penetration Testing? It’s the process to identify security vulnerabilities in an application by evaluating the system or network with various malicious techniques. Purpose of this test is to secure important data from outsiders like hackers who can have unauthorized access to system. Once vulnerability is identified it is used to exploit system in order to gain access to sensitive information. Causes of vulnerabilities: - Design and development errors - Poor system configuration - Human errors Why Penetration testing? - Financial data must be secured while transferring between different systems - Many clients are asking for pen testing as part of the software release  cycle - To secure user data - To find security vulnerabilities in an application It’s very important for any organization to identify security issues present in internal network and computers. Using this information organization can plan defense against any hacking attempt. User privacy and ...