cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
search icon

Original topic:

FIDO security key

(Topic created on: 07-19-2020 10:09 PM)
5744 Views
v3nom
Active Level 8
Options

‎07-19-2020 10:09 PM in 

Tech Talk
WHAT IS FIDO

Your device can now be used as a physical security key for two-factor authentication, giving you an even more secure way to log into Google apps than several other existing 2FA methods that Google provides right now. So when if you want a physical device to verify your login, you don’t have to buy a dongle — you can just use your phone.


image


To make your Android phone your security key, you’ll just need to connect your phone through Bluetooth to a Chrome browser to verify logins. (Some older desktop PCs don’t have Bluetooth, but it’s pretty universal on laptops.) The new authentication scheme works on Gmail, G Suite, Google Cloud, and any other Google account service, and uses the FIDO authentication standard. Google says other websites might join in later on,

Two-factor authentication can help prevent unauthorized logins in the event that someone gets your password, which is important when leaks and phishing attacks can put accounts at risk. Google recommends that everyone use their phone as a security key.

Not all methods of two-factor authentication are equally secure, and Google has historically offered a whole bunch: SMS verification codes (which have known weaknesses), the Google Authenticator’s rotating codes, and Google Prompt, which let your Android phone and a Google service on your computer directly communicate with each other over the internet. The new physical security key option works very similarly to Google Prompt — as you can see in the screenshots below — but now it requires your phone to be physically near your computer, thwarting those who might attempt to spoof your account from halfway around the world.

It also uses a pair of authentication protocols, FIDO double-checks that you’re on the right website and not getting phished.


2 Comments
Anonymous
Not applicable
Options

‎07-19-2020 10:26 PM in 

Tech Talk
great information 💁‍♀️
0 Likes
Brixhamite
Beginner Level 2
Options

2 weeks ago in 

Tech Talk

This can work out to be a massive cost saver as when using physical Fido Keys, you are normally advised to purchase 2 keys (in case one is lost), and this can ending up costing quite a bit.

Passkeys offer a way to leverage your phone so if you want to use a physical Fido key the phone can now act as a free secondary access solution (without relying on an alternative method that may not be phishing resistant).

0 Likes
Related Content