Hello Mi Fans,
Two-factor authentication is a key way to help ensure your online accounts remain secure. Google has offered this solution for years now, but it’s stepping things up by letting you use your Android phone as a hardware security key of sorts. If you currently use two-factor authentication on Google, you will receive a web notification, an e-mail, a call or an SMS on your smartphone to confirm your identity when logging in or to deny access. One alternative is to buy a hardware security key fob that uses Bluetooth, NFC or USB connectivity to authenticate account access. And Google’s latest solution is a similar, hardware-based approach that’s actually based on the prominent FIDO2 standard.
Security keys based on FIDO standards are considered to be the strongest, most phishing-resistant method of 2SV on the market today. These physical security keys protect your account from phishers by requiring you to tap your key during suspicious or unrecognized sign-in attempts. Now, you have one more option—and it’s already in your pocket. As a beta feature, your phone can be your security key—it’s built into devices running Android 7.0+. This makes it easier and more convenient for you to unlock this powerful protection, without having to carry around additional security keys. Use it to protect your personal Google Account, as well as your Google Cloud Accounts at work. Now, let's see how to use your Android smartphone as a security key:
To sign in on a computer using your Android phone's built-in security key, you need:
How to use your Android phone as a security key on Google?
There are 4 essesntial steps to do so:
1. Access your Google Account
The first thing you’ll need to do is access your Google account. To do that, head to your Windows, Mac, or Chrome OS computer and open Google Chrome. Technically, any browser can be used for this part, but Chrome is the only one that currently supports security keys baked into smartphones.
Once on your computer, head to myaccount.google.com/security.
2. Activate 2-step Verification
Next, you’ll need to enable 2-step verification on your account. To do this, you’ll need to add a primary verification method. This can be a code sent to a phone number via SMS, or another method such as Google Prompt.
3. Add your phone as a Security Key
After 2-step Verification has been turned on, you can add your smartphone as a security key. To do this, you’ll need to scroll down on the page to the section titled Set up alternative second step and hit Add Security Key. From there, you should see a list of compatible Android devices which are attached to your account. Once you’ve selected the correct device, you’ll be prompted to add that Android phone as a security key.
4. Ensure Bluetooth & Location are enabled
Check your Android phone for a notification. On your Android phone, double-tap the "Are you trying to sign in?" notification. Follow the instructions to confirm it’s you signing in.
Once added, the only thing you’ll need to do on your phone is to ensure Bluetooth and Location settings are turned on. While your phone and computer won’t need to be paired, Google needs these settings enabled to ensure that the two pieces of hardware are in close proximity to one another. On your computer also make sure Bluetooth is turned on in your settings or preferences and sign in to your Google Account with your username and password.
Now when you sign into a Google service, such as Gmail, YouTube, Chrome, or Drive, you’ll get a prompt in the browser to unlock your phone and follow the instructions to confirm the sign-in. Tap “Yes” on your phone, then wait for the authentication process to complete. For now, the service is only available on Android phones, and it’s exclusively for logins to Google services, not to third-party sites. Google says that since the new technology runs on the same protocols, including FIDO standards, that a physical security key would, it’s only a matter of time before other companies implement similar technology.
With the new method, your Google Account and the data it contains are a little better protected. Possibly Google extends the function still further and secures thereby also the login to other web pages. It’s a very handy addition overall, and should go a long way to ensuring that your Google account is as secure as can be. We also hope this security key technology spreads to other websites and services in the near future, as it could drastically reduce cases of account breaches.
Share Your Thoughts in Comments Below!
Image source: Google
In order to fulfill the basic functions of our service, the user hereby agrees to allow Xiaomi to collect, process and use personal information which shall include but not be limited to written threads, pictures, comments, replies in the Mi Community, and relevant data types listed in Xiaomi's Private Policy. By selecting "Agree", you agree to Xiaomi's Private Policy and Content Policy .