Google will let you use your Android phone to verify logins

News
By Anthony Spadafora
published

Your Android smartphone is now a physical security key

Security Key
Image Credit: Google (Image credit: Image Credit: Google)

Protecting your Google account from phishing just got a whole lot easier with the announcement that any Android smartphone running Android 7 or higher can now be used as a physical security key for two-factor authentication (2FA).

The tech giant already provides a number of 2FA methods including Google Prompt but physical security keys have been proven by its own teams to be the most effective method of combating phishing.

Up until now, you could use Google's own Titan Security Key or those made by Yubico to secure your account but this requires you to bring an additional physical device with you at all times. 

Now with the announcement that you can use your Android smartphone as a security key, users will be able to securely access their Google accounts on Windows, Mac or Chrome OS using the device they already have on their person at all times.

Using your Android smartphone as a security key

To get started using your Android device as a security key, first you'll need to connect your smartphone to your computer using Bluetooth. Next you need to sign into your Google Account on the device and open your Google security settings on your computer. From there you need to select the option to add a security key and choose your smartphone from the list of devices.

Pixel 3 owners will be able to use the volume down button to activate their security key since Google has stored FIDO credentials inside the device's Titan M chip. On the other Android smartphones, you'll simply have to sign in and tap a button to activate your security key.

Currently the service is only available on Android devices and at this time it can only be used to login to Google services such as Gmail, G Suite and Google Cloud.

However, since the service uses the same protocols that a physical security key does, other companies could soon add support for it to their own services extending its functionality beyond Google.

Via The Verge

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.