Google Launches USB-Based "Security Key" To Strengthen 2-Step Verification

Google Launches USB-Based "Security Key" To Strengthen 2-Step Verification
Google is taking its users’ privacy very serious and making every possible effort for its users just to make them feel secure when they are online.
Today, the tech giant has announced its enhanced two-step verification service that is based on a physical USB key, adding yet another layer of security to protect its users from hackers and other forms of online theft.
SECURITY KEY- 2 STEP VERIFICATION USING USB DRIVES
The "Security Key" feature will currently work on Chrome and will be free for Google users, but the company also notes that the Security Key is supporting the open Universal 2nd Factor (U2F) protocol from the FIDO Alliance, which will allow users to log in to Google Accounts by inserting a USB device into their systems.

By letting users protect their accounts using two-factor authentication based on physical USB keys, it will be no longer any compulsion for you to type in the six-digit authentication code in Google's Gmail or your Google Account. The Security Key ensures access via both your physical presence and your login password.
"Today we’re adding even stronger protection for particularly security-sensitive individuals," Nishit Shah, security product manager at Google, said in a blog post. "Security Key is a physical USB second factor that only works after verifying the login site is truly a Google website, not a fake site pretending to be Google."
YOUR PASSWORDS ARE SECURED
Furthermore, the Security Key platform will also look for foil phishing attacks by not providing a cryptographic signature to the site, preventing spoof sites from collecting username and password combinations of users for man-in-the-middle attacks.
"Rather than typing a code, just insert Security Key into your computer’s USB port and tap it when prompted in Chrome. When you sign into your Google Account using Chrome and Security Key, you can be sure that the cryptographic signature cannot be phished."
NOBODY CAN ACCESS MY GMAIL ACCOUNT
Security key is meant for users who seek for higher level of security on their accounts and by implementing it, users will enjoy hack-free Google accounts, because cyber thieves will be restricted from accessing the account even if they have the correct credentials, or your stolen mobile phone — since they don’t have the Security key.
However, simply inserting a USB key before logging in, a password is still required. So that cyber thieves would not be able to log into your account just by stealing your Security key. But, if your account password is compromised somehow, it would be useless for hackers without the corresponding Security key.
SECURITY KEY ALSO WORKS FOR OTHER SITES WITH U2F SUPPORT
Since the protocol is supported by Chrome, other websites besides Google can also opt Security key feature to provide stronger authentication options to their users. "As more sites and browsers come on-board, security-sensitive users can carry a single Security Key that works everywhere FIDO U2F is supported," Shah said.
Google is offering the Security key feature on all Google Account sites for free, but in order to use the service, users need to buy a USB device from an outside vendor such as Amazon or other retailers. Right now, the Google Security Key system works only in Chrome, but if other browsers and additional sites implement the U2F protocol, the same Security Key will work with them, too.
 

Comments

Post a Comment

Popular posts from this blog

Image
Beware! Built-in Keylogger Discovered In Several HP Laptop Models Do you own a Hewlett-Packard (HP) laptop? Yes? Just stop whatever you are doing and listen carefully: Your HP laptop may be silently recording everything you are typing on your keyboard. While examining Windows Active Domain infrastructures, security researchers from the Switzerland-based security firm Modzero have  discovered  a built-in keylogger in an HP audio driver that spy on your all keystrokes. In general,  Keylogger  is a program that records every keystroke by monitoring every key you have pressed on your keyboard. Usually, malware and trojans use this ability to steal your account information, credit card numbers, passwords, and other private data. HP computers come with Audio Chips developed by Conexant, a manufacturer of integrated circuits, who also develops drivers for its audio chips. Dubbed Conexant High-Definition (HD) Audio Driver, the driver helps the software to comm...
Read more

Anthem Data Breach — 6 Things You Need To Know

Image
Anthem Data Breach — 6 Things You Need To Know The Nation’s second largest  Health insurer company, Anthem , alerted its customers on Wednesday that hackers had stolen the personal information of over 80 Millions of its customers, making it the largest data breach and double the number of payment cards affected by  Target data breach  occurred in 2013. The stolen personal information includes residential addresses, birthdays, medical identification numbers, Social Security Numbers, email addresses and some income data belonging to both current and former customers and employees, including its own chief executive. 80 Million is a vast number — it's roughly the populations of California, Texas and Illinois when combined together. So far, there is no evidence whether financial or medical information of the company’s customers was compromised, according to a statement given by Anthem’s vice president, Kristin Binns. The health giant, based in Indianapol...
Read more
Image
Chrome Flaw Allows Sites to Secretly Record Audio/Video Without Indication What if your laptop is listening to everything that is being said during your phone calls or other people near your laptop and even recording video of your surrounding without your knowledge? Sounds really scary! Isn't it? But this scenario is not only possible but is hell easy to accomplish. A UX design flaw in the Google's Chrome browser could allow malicious websites to record audio or video without alerting the user or giving any visual indication that the user is being spied on. AOL developer Ran Bar-Zik  reported  the vulnerability to Google on April 10, 2017, but the tech giant declined to consider this vulnerability a valid security issue, which means that there is no official patch on the way. How Browsers Works With Camera & Microphone Before jumping onto vulnerability details, you first need to know that web browser based audio-video communication relies on WebR...
Read more