Security key enforcement

Enforce the use of security keys to help prevent account takeovers.
Overview

Overview

Two-factor authentication (2FA) with a FIDO security key uses cryptography to provide two-way verification: it makes sure that your users are logging into the service they originally registered the security key with, and the service verifies that it’s the correct security key as well. This provides superior protection to code-based verification, like SMS and one-time password (OTP).

Simpler to use

Security keys make 2FA easier. Users simply tap the button on their key instead of retyping codes. Unlike other 2FA methods, also known as multi-factor authentication (MFA), that use one-time codes via text message, security keys don’t require a phone number on users’ accounts.

A must for admins and high-value users

G Suite, Google Cloud Platform, and Cloud Identity admins and users enrolled in the Advanced Protection Program have access to sensitive data and systems. While security keys are recommended for all users for stronger protection against phishing, enforcing security keys for admins and other high-value users should be the first step.

Titan Security Key

Titan Security Keys are built with a secure element that includes firmware engineered by Google to verify the integrity of the key and implement FIDO standards to work with many popular devices, browsers, and services. Titan Security Keys are available on the Google Store and through your Google Cloud representative.

Built-in on Android phones

The FIDO security key technology that provides phishing-resistant two-factor authentication is now built-in on Android 7+ phones with Google Play Services and enables your people to use the convenience of their phones to help protect their work and personal accounts against phishing attacks and account takeovers. Activate it on your phone by following these steps.

Features

Account takeover protection

Two-factor authentication (2FA) with a FIDO security key provides stronger, more phishing-resistant protection than 2FA with code-based verification, like SMS and one-time password (OTP). Security keys send cryptographic proof that users are on a legitimate site and that they have their security key with them.

Choice

You and your users have a choice of using an Android phone, Titan Security Key, or another compatible FIDO security key to protect work and personal accounts against phishing attacks and account takeovers.

Open standards

FIDO security keys are compatible with Chrome and other popular browsers. The same security key your people use to authenticate themselves on Google will also work on GitHub, Facebook, Dropbox, and many other sites.

Admin controls

Security key policies allow G Suite, Cloud Identity, and Google Cloud Platform admins to enforce the use of a security key for greater protection against phishing attacks and account takeovers.

Businesses that run on Stripe trust us with some of their most sensitive information, and we take the security of that information extremely seriously. We’ve found security keys to be ideal second factors because they balance ease-of-use with increased account security. Security key enforcement gives us a way to easily enforce secure logins for all employees, across both their desktop and now mobile devices.

Bryan Berg, Security team, Stripe

Technical resources

Pricing

The security key enforcement feature is included in all editions of G Suite and Cloud Identity (including for GCP user management and security).

Google Cloud

Get started

Security key enforcement

Enforce the use of security keys to help prevent account takeovers.

Need more help?

Our experts will help you build the right solution or find the right partner for your needs.