Google's 'Security Key' offers safer two-step verification

Google's FIDO Security Key
Google's FIDO Security Key

Advanced attackers have found ways to circumnavigate the two-step authentication login process. Receiving text message or email codes that accompany your passwords is no longer a rock-solid security measure that is guaranteed to protect your information.

To defend against these advanced attacks, Google has launched a USB-based product designed to improve two-step verification processes. The tool, Security Key, enables users to insert a device into a USB port in order to authenticate log-ins.

Rather than receiving verification codes via text message or email, Security Key users can simply carry the device on their keychains or in their pockets and insert the tool into a USB port whenever they wish to access secure information.

Why it was built

Google says the tool is a defense against sophisticated attackers that typically infiltrate two-step verification systems by setting up lookalike sites that request log-in information from victims. Security Key, which uses cryptography instead of verification codes, is designed to work only with the websites with which it has been pre-programmed.

Because Security Key requires a USB port, users won't be able to use the tool on mobile devices. Additionally, Google has made Security Key a Chrome-only tool, so you won't be able to access sites via Firefox or Internet Explorer via Security Key.

Security Key is generally available on Amazon. Google directs users from its website to an Amazon page that lists three models ranging in price from $5.99 (about £3.70, AU$6.80) to $50 (about £31.99, AU$56.80).

TOPICS
Latest in Security
A graphic showing fleet tracking locations over a city.
Lost & Found tracking site hit by major data breach - over 800,000 could be affected
US President Donald Trump speaks to the press as he signs an executive order to create a US sovereign wealth fund, in the Oval Office of the White House on February 3, 2025, in Washington, DC.
US set to pause cyber-offensive operations against Russia - but CISA says it won't stop
Web DDoS attacks see major surge as AI allows more powerful attacks
Polish space agency says it was hit by a cyberattack
Illustration of a hooked email hovering over a mobile phone
AWS misconfigurations reportedly used to launch phishing attacks
A concept image of someone typing on a computer. A red flashing danger sign is above the keyboard and nymbers and symbols also in glowing red surround it.
Microsoft Teams and other Windows tools hijacked to hack corporate networks
Latest in News
Google Gemini iPhone Lock Screen
You can now access Gemini from your iPhone's lock screen
Michelle, Keats, and Doctor Amherst looking unimpressed and worried in The Electric State
Netflix drops trailer for The Electric State, and I'm getting serious District 9 vibes
YouTube TV
YouTube TV might be planning a big Netflix update that puts the best streaming services first
Google Pixel 9 Pro
Here are the 7 best Pixel 9 and Pixel Watch 3 features landing in March’s Pixel Feature Drop
Bang & Olufsen Beogram 4000C Saint Laurent Rive Droite Edition
Bang & Olufsen's latest reworked turntable is a masterpiece of retro revival, in a breathtaking wooden presentation box
Apple Watch Series 10
Apple unveils new Apple Watch bands – here's what's in the Spring 2025 collection