How to use your Android Smart phone as a two-factor authentication security key

Google adscititious a brand new thanks to verify your logins this week: exploitation your robot phone as a physical security key for two-factor authentication.

You should be using two-factor authentication to log onto websites, so that even if someone has your password from a data breach, they won’t be able to get in.

And currently with the new feature, if you have an Android phone running 7 or higher, you also have a convenient security key.


It’s more secure than many existing 2FA options (such as using SMS) because your phone will check in with your computer via Bluetooth to make sure you’re on the correct website and not being phished.

SMS is hacked, and most other secondary methods of verifying your logins won’t be able to check you’re attempting to log on to the right site.

 

Your laptop ought to be running Windows ten, macOS, or Chrome OS, with any version of Chrome 72 or later.

(Interestingly, Google doesn’t let you set this up via a mobile device, so you can’t use one phone to set up another phone as a key.) Before you start,

make sure that your phone has Bluetooth turned on.


Here’s how to set it up:

If you haven’t nevertheless, make sure to add a Google account to your phone by heading into Settings > Accounts > Add account > Google.


Then, on your computer, open a Google Chrome browser.

Head into myaccount.google.com/security on Chrome and click on “2-Step Verification.”


If you don’t have two-step verification set up yet, enter this site, and follow these instructions. The TL;DR is that you’ll need to log in, enter a phone number, and select what secondary methods of verification you’d like, which brings us back to…

Scroll down the list of secondary strategies and choose “Add Security Key.”

 

Choose your phone from the list of options; it ought to mechanically show up.


That’s it!

You’ve originated your phone as a security key and might currently log in to Gmail, Google Cloud, and other Google services and use your phone as the secondary

method of verification. Just make sure your phone is in close proximity to your computer whenever you’re trying to log in.

Your laptop can then tell you that your phone is displaying a prompt.

Tap on the prompt to verify your login and you’re all set!
Here are some screenshots of what it looks like when you’re prompted on your phone to verify a login. It’s similar to what Google Prompt looks like already, with the main difference being that your phone will be checking with the website to verify it’s the right one.

Leave a Reply