Skip to main content

You can now use an iPhone as a Google security key

iPhone as security key
(Image credit: Google)

iPhone users will now be able to use their devices as a security key to protect their Google accounts.

Now, Google users will be able to register their iPhone as a two-factor authentication (2FA) method for their Google accounts in the same way in which they would register hardware security keys such as the company's own Titan Security Key.

Google first allowed Android users to use their smartphones as security keys last year to enable improved account security.

After setting up an iPhone to be used a security key, users will have to enter their username and password and turn on their device's Bluetooth connection the next time they log into their Google account to verify the login attempt.

However, to use an iPhone as a security key for a Google account, users will need an iPhone running iOS 10 or later and they will also have to install Google's Smart Lock app from the Apple App Store. 

Interested users can find out how to set up their iPhone as a security key by following a step-by-step tutorial in a support document from Google.

Google's Advanced Protection Program

Google's Advanced Protection Program (APP) is designed for users who face higher security risks than others such as politicians, business executives and journalists. These users can now enroll in Google's APP at no extra cost to benefit from extra security protection for their Google accounts.

Before the search giant allowed smartphones to work as de-facto security keys, a separate hardware security key was required to enroll in the program.

However, now that smartphones can serve as security keys, this is no longer necessary and interested users can sign up for the APP with just their phones. This feature could also be quite useful for those who live in countries where security keys are not readily available for purchase.

Adding extra protection to your Google account is now easier than ever and those working in sensitive fields should consider doing so to protect their account from being hijacked.

Via ZDNet