Keeping your Google account safe from phishing and attackers has become important for everyone these days. Most of us use a Google account in some sort of capacity and that account is sure to have information valuable to you and attackers. That’s why it’s important to use a strong password as your first line of security.
But beyond a strong password, you should also be employing Google’s two-step verification. Check out our tutorial on setting up 2SV on your account. Google knows that 2SV is helpful and they encourage users to activate it, but they also know 2SV isn’t always bulletproof. As Google points out, “attackers can skirt around them by targeting you with a fake sign-in page to steal your credentials.”
Google goes on to say that FIDO standards are regarded as the most effective way to secure your accounts.
“These physical security keys protect your account from phishers by requiring you to tap your key during suspicious or unrecognized sign-in attempts.”
But now, Google has announced a new option for keeping your Google account safe. This new method utilizes Bluetooth pairing between your smartphone and Bluetooth enabled Chromebook, PC, or Mac. All you need is an Android device running Android 7.0+ which has this new built-in security key in the software.
“This makes it easier and more convenient for you to unlock this powerful protection, without having to carry around additional security keys. Use it to protect your personal Google Account, as well as your Google Cloud Accounts at work.”
Here’s how to get it to work today:
To activate your phone’s built-in security key, all you need is an Android 7.0+ phone and a Bluetooth-enabled Chrome OS, macOS X or Windows 10 computer with a Chrome browser. Here’s how to do it:
1. Add your Google Account to your Android phone.
2. Make sure you’re enrolled in 2SV.
3. On your computer, visit the 2SV settings and click “Add security key”.
4. Choose your Android phone from the list of available devices—and you’re done!
When signing in, make sure Bluetooth is turned on on your phone and the device you are signing in on.
We recommend registering a backup security key to your account and keeping it in a safe place, so you can get into your account if you lose your phone. You can get a security key from a number of vendors, including our own Titan Security Key.Google Blog