Two-factor authentication is one of the most reliable authentication methods. However, if anybody has access to the authentication codes received in messages, your accounts are at risk. This is why Google introduced Titan Security Key, a 2FA device that acts as a physical key. Now, Google has further strengthened the 2FA system by making your Android smartphone a physical security key.
At its Cloud Next Conference, Google has announced that any Android smartphone running on Android 7.0 or above can be used as a physical security key for 2FA authentication.
How to turn your Android phone into a physical security key?
For this, you need to connect your phone via Bluetooth to your laptop to authenticate your logins. The procedure is similar to how Titan Security Key works and involves the same FIDO and WebAuthn APIs to verify your logins.
For Pixel 3 owners, it is much easier as Google’s proprietary devices use Titan M, a custom-made enterprise-grade chip for Pixel devices, to store FIDO credentials. On the Pixel 3, you need to hold down the power down button to authenticate yourself.
For other smartphones running Android 7.0 or above, an on-screen button will appear. Tapping on the button will authenticate your login. You need to connect your phone to your laptop via Bluetooth prior to this.
You need to have a ChromeOS, macOS or Windows 10 computer with the latest Chrome browser installed in it and the computer must have the option to setup Bluetooth connections. Here’s how you can add your device for 2FA:
- Establish a Bluetooth connection between your Android smartphone and PC.
- Sign in to your Google account on your Android device.
- Visit myaccount.google.com/security on your laptop.
- Choose the 2-Step Verification option.
- Click on the “Add a security key” button.
- Choose your smartphone from the list of devices that will appear below.
Google has also provided an option to add an additional device in case you lose your primary device. We recommend that all Android users with the compatible Android version use this feature to keep themselves safe and secure while signing into their Google account.