After a few weeks of teasing, having been introduced at Google's Cloud Next Conference, the Google Titan Security Key is now available for purchase in the Google Store. The $50 bundle includes a pair of keys, actually. One is a traditional USB-A (and NFC, but more on that in a second) model. The other includes USB (via a micro-USB adapter) and Bluetooth.
Here's what you need to know:
- The Titan Security Key(s) is based on the standards from the FIDO Alliance, which comes up with the Universal 2-Factor standards used in two-factor authentication. So that's FIDO, U2F, and 2FA, for those of you who prefer acronyms.
- These keys are a more secure form of two-factor authentication. You'll still need your password, but then you'll plug in (or use Bluetooth or NFC) your key and tap it for that second factor of authentication.
- (No, these aren't also fingerprint scanners.)
- The USB Titan Key also does NFC, which works great with phones. However, we're awaiting an update to the Android software itself to be able to use NFC with the Titan Key. (Other U2F NFC keys, like the Yubico Neo, work just fine at the moment.)
- This is the sort of thing you'll need to use in conjunction with the Google Advanced Protection Program. More on that here.
Why's Google doing this? To help push adoption, for one thing. SMS two-factor codes are notoriously interceptable, and even software tokens aren't much better. With a physical hardware key, you're proving that someone (presumably you) are in possession of the key. And as an added layer of security, the keys allow your browser to report back which page you're trying to log in from. If it's from something like www.googl3.com and not www.google.com (or something far more sneaky), it'll be rejected.
Google also controls this hardware, as well as the firmware. Unlike other U2F keys, the firmware is locked down and can't be modified. And to be clear, it doesn't just work with Google's two-factor systems. It still works with anything that uses the FIDO standards.
And that's that. Google is selling these as a bundle, for now, because you really should keep one key on hand, and stash the other as a backup. (You'll need to register both with whatever services you're using, obviously.)
If you can about your online security, this could well be the best $50 you spend.
We may earn a commission for purchases using our links. Learn more.
WeChat ban has been blocked by U.S. District Court
The Trump administration's ban on WeChat was set to go into effect today, but a U.S. district court judge just blocked it.
These are the best games for your Android phone
We're rounding up the best games, free and premium, you should be playing today.
Digital Wellbeing has been forgotten, but we need it now more than ever
Two years ago, the digital hygiene movement was in full swing. Now, during the pandemic, the idea of using our phones less has been abandoned, but should we bring it back?
Consolidate your charging gear with these slick 100W PD chargers
A good 100W charger should be able to charge all of your gear at once and charge your laptop in a hurry. These are the best of the bunch you can buy today!