What you need to know
- Google is rolling out a new feature that allows Chrome for Android to be used as a 2FA security key for Google Account logins.
- The feature is part of the latest Chrome beta.
- You must have Chrome Sync enabled for the feature to work.
Last week, Google rolled out Chrome 93 beta with quite a few PWA improvements and support for cross-device OTPs. The folks at 9to5Google have now spotted a new feature in the latest beta that turns Chrome for Android into a security key for logging in to your Google account.
Google currently offers multiple ways to allow users to authenticate a log-in attempt. On iOS devices and the best Android phones, you can tap "Yes" on the Google Prompt notification that pops up when you attempt to sign in to your account on a new device. In case you have a "phone security key" set up on your device, you can also long press the volume button to confirm a sign-in attempt.
As can be seen in the screenshots below, Chrome for Android will show you the "Are you trying to sign in?" notification when you attempt to sign in to your account on a laptop. Tapping on the notification will open a new fullscreen page with "Yes" and "No, it's not me" options at the bottom. Once you confirm, you'll see a "Connecting to your device" page, which appears to be similar to the process when authenticating a login attempt using the "phone security key" process. For it to work, however, you'll need to have Chrome Sync enabled.
While the functionality isn't widely rolled out yet, there is a good chance that it will become available for everyone soon after Google releases the stable version of Chrome 93 at the end of this month. As per the Chrome flag for the feature, it uses caBLE (cloud-assisted Bluetooth Low Energy).
Enable use of phones that are signed into the same account, with Sync enabled, to be used as 2nd-factor security keys. – Mac, Windows, Linux, Chrome OS, Android