Google will allow Android smartphones to work as a Google Key for multifactor authentication method

Google has just announced a new security measure. Very soon any smartphone with Android 7 operating system or later versions can be used as a physical security key for the multi factor authentication process; this will strengthen the security of the login of the users of services of Google, mention cyber forensics course specialists from the International Institute of Cyber Security (IICS).

To enable this new feature, users should only connect their smartphone to the Chrome browser via Bluetooth to verify their logins. This new authentication method will work for Gmail, G Suite, Google Cloud and any other Google platform. Other web sites may be supported later, but before Google must complete the certification of this authentication method; this service uses the FIDO authentication standard.

According to cyber forensics course specialists, multifactor authentication helps prevent unauthorized logins in the event a malicious user gets the victim’s login credentials. In their announcement, Google says that this new feature will be especially useful for journalists, activists, entrepreneurs, political campaign teams, among other organizations exposed to cyberattack attempts.

The main drawback of this new authentication method is the use of the Bluetooth connection, as it is required that the smartphone is physically close to the laptop or desktop computer, although this also limits the range of a possible attack.

Activate Android smartphone as security key

  • Log in to your Google account with the Android computer and turn on the Bluetooth
  • Open myaccount.google.com/security in Chrome on the second device and select ‘Two-step Authentication’; then select a security key and choose your phone from the device list

The service is available only for Android smartphones, mentioned the cyber forensics course specialists. However, Google claims that because this new technology runs the same protocols as a physical security key, it is a matter of time before this function can be implemented on other platforms.