Two-factor authentication (2FA) with a FIDO security key uses cryptography to provide two-way verification: it makes sure that your users are logging into the service they originally registered the security key with, and the service verifies that it’s the correct security key as well. This provides superior protection to code-based verification, like SMS and one-time password (OTP).
Simpler to use
Security keys make 2FA easier. Users simply tap the button on their key instead of retyping codes. Unlike other 2FA methods, also known as multi-factor authentication (MFA), that use one-time codes via text message, security keys don’t require a phone number on users’ accounts.
A must for admins and high-value users
G Suite, Google Cloud Platform, and Cloud Identity admins and users enrolled in the Advanced Protection Program have access to sensitive data and systems. While security keys are recommended for all users for stronger protection against phishing, enforcing security keys for admins and other high-value users should be the first step.
Titan Security Key
Titan Security Keys are built with a secure element that includes firmware engineered by Google to verify the integrity of the key and implement FIDO standards to work with many popular devices, browsers, and services. Titan Security Keys are available on the Google Store and through your Google Cloud representative.
Built-in on Android phones
The FIDO security key technology that provides phishing-resistant two-factor authentication is now built-in on Android 7+ phones with Google Play Services and enables your people to use the convenience of their phones to help protect their work and personal accounts against phishing attacks and account takeovers. Activate it on your phone by following these steps.
Account takeover protection
Two-factor authentication (2FA) with a FIDO security key provides stronger, more phishing-resistant protection than 2FA with code-based verification, like SMS and one-time password (OTP). Security keys send cryptographic proof that users are on a legitimate site and that they have their security key with them.
FIDO security keys are compatible with Chrome and other popular browsers. The same security key your people use to authenticate themselves on Google will also work on GitHub, Facebook, Dropbox, and many other sites.
Security key policies allow G Suite, Cloud Identity, and Google Cloud Platform admins to enforce the use of a security key for greater protection against phishing attacks and account takeovers.
Enforce security keys on GCP and Cloud Identity
Enforce security keys on G Suite
Protect your personal account
Watch Next ’19 presentation
Security key enforcement
Enforce the use of security keys to help prevent account takeovers.