Author: Joe Martin, Date: 2014-10-30
In the face of rampant security issues and high publicity breaches, Google has announced a new security product that will provide an advanced form of 2-factor authentication.
The USB based security key will be paired with your Google accounts: everything from Gmail and Google plus to Chrome bookmarks and Youtube preferences. This security key, which functions similarly to existing 2-factor authentication platforms available primarily on smartphones, will be a physical key to a users Google accounts. The user will require both the USB key, user name and password to access those accounts; a combination unlikely to fall in the hands of a hacker.
To access the accounts paired to the key the user will be prompted to insert the USB into their computer upon entering their user name and password. When the computer detects the USB the accounts will be unlocked for regular use.
This circumvents the relatively simple method of password theft by placing a third, physical requirement in-between a potential hacker and the target account. However it presents similar problems to having a 2-factor authenticator on a separate device like a smartphone: without the key it is impossible to access the account. This means that should the user lose their key, or worse have it stolen, the account is effectively placed on ice.
Any USB device with the standard FIDO Universal 2nd Factor compliance can be utilized as a security key. Google is currently selling the devices for $5.99.