Even if your Gmail has never been compromised, it's still a concern for anyone who'd rather keep their private information private - which is why Google's two-step login process has been a must-use feature for security-conscious account owners.
Now Google has announced that it has launched support for Security Key, a new form of two-step verification that requires users to have a physical device – in this case a USB – in order to log in to their account.
Google’s standard two-factor authentication comprises a user-chosen password, and a six-digit verification code, which is sent to your phone to prove it’s really you attempting to access your Google account. But as an alternative to the code, Google will allow customers to insert a compatible Security Key into their computer’s USB port.
After the USB Security Key verifies that the login site is authentic, you’ll be prompted for your password. By combing the Security Key and Google’s Chrome browser, the company states that users will have their ‘cryptographic signature’ protected from phishing attacks.
Even if you lose your physical Security Key, the password protection means your account will still remain safe (and vice versa if your password is hacked or leaked). Two-step authentication already made it challenging for hackers to access accounts, but adding a physical USB to the process makes it even more difficult for your information to be compromised by random hacking.
Google’s Security Key is built on top of the open FIDO Standard, so any manufacturer can develop their own compatible key to be used with the service. Google’s hope is that, eventually, you’ll be able to use a single USB key to access accounts from a variety of companies that support the technology.
Security Key is available to Google users at no charge, but you will need to buy a compatible USB device that is compliant with the FIDO U2F standard. Keys range in pricing from USD $6 to up to $60 each, and Google itself is directing customers to Amazon to shop around.