Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Friday August 31 2018, @04:26AM   Printer-friendly
from the is-it-still-in-beta? dept.

Google's in-house security key is now available to anyone who wants one

Google's Titan Security Key is finally available to anyone who wants one. The two-factor token went live today in the Google store, with a full kit available for $50, shipping immediately. The kits include a USB key, a Bluetooth key, and various connectors. The key has been available to Google Cloud customers since July, when the project was first publicly announced.

Built to the FIDO standard, the Titan keys work as a second factor for a number of services, including Facebook, Dropbox, and Github. But not surprisingly, they're built particularly for Google account logins, particularly the Advanced Protection Program announced in October. Because the keys verify themselves with a complex handshake rather than a static code, they're far more resistant to phishing attacks than a conventional confirmation code. The key was initially designed for internal Google use, and has been in active use within the company for more than eight months.

Also at TechCrunch, CNBC, and BGR.

Previously: Google Defeats Employee Phishing With Physical Security Keys

Related: No Key, No Login: G Suite Admins Can Now Make FIDO Security Keys Mandatory


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Friday August 31 2018, @03:12PM (1 child)

    by Anonymous Coward on Friday August 31 2018, @03:12PM (#728774)

    Dial back the hyperbole. The main purpose of the device is two factor authentication for Google login pages, such as Gmail.

  • (Score: 1, Redundant) by Runaway1956 on Friday August 31 2018, @04:21PM

    by Runaway1956 (2926) Subscriber Badge on Friday August 31 2018, @04:21PM (#728800) Journal

    One key, many accounts.

    Titan Security Key is built on FIDO® open standards. Use your key to protect your sign-in on a variety of apps and online services beyond Google.

    Beyond Google? Doesn't that mean "anyplace that allows you to sign in with your Google account"? And, what else? Financial institutions? Basically, that takes in just about everything. Maybe I've hypered the bole a little bit, but I don't really think so.

    I can't possibly say how many people there are, but it's very possible that some people use their Google accounts to sign in EVERYWHERE that it is permitted. If this key can also be used as TFA for financial institutions, that will indeed give Google more insight into your life.

    Put yourself in that position. The bank suggests that you use TFA. You may choose between the bank's dongle, or, if you already have a Google dongle, you may use it as your TFA. If convenience is your primary consideration, you'll opt for the Google dongle. If there is a fee associated with the bank's dongle, you may well opt to use your Google dongle. If, if, if . . . but if you or I can imagine it, it can probably happen.