Security key enforcement

Enforce the use of security keys to help prevent account takeovers.

View documentation for this product.

Description of what the video is about.


Two-factor authentication (2FA) with a FIDO security key uses public-key cryptography to provide two-way verification: it makes sure that your users are logging into the service they originally registered the security key with, and the service verifies that it’s the correct security key as well. This provides superior protection to code-based verification, like SMS and one-time password (OTP).

Simpler to use

Security keys make 2FA easier. Users simply tap the button on their key instead of retyping codes. Unlike other 2FA methods, also known as multi-factor authentication (MFA), that use one-time codes via text message, security keys don’t require a phone number on users’ accounts.

A must for admins and high-value users

G Suite, Google Cloud Platform, and Cloud Identity admins and users enrolled in the Advanced Protection Program have access to sensitive data and systems. While security keys are recommended for all users for stronger protection against phishing, enforcing security keys for admins and other high-value users should be the first step.

Titan Security Key

Titan Security Keys are built with a secure element that includes firmware engineered by Google to verify the integrity of the key and implement FIDO standards to work with many popular devices, browsers, and services. Titan Security Keys are available on the Google Store and for bulk orders in select countries.

Built-in on Android and iOS phones

The FIDO security key technology that provides phishing-resistant 2FA is now built-in on Android 7+ and iOS phones and enables your users to use the convenience of their phones to help protect their work and personal accounts against phishing attacks and account takeovers. Activate it on your phone today by following these steps.


Account takeover protection

FIDO security keys provide the strongest account protection against automated bots, bulk phishing, and targeted attacks. Security keys send cryptographic proof that users are on a legitimate site and that they have their security key with them.


You and your users now have a choice of using an Android or iOS phone, Titan Security Key, or another compatible FIDO security key to protect work and personal accounts against phishing attacks and account takeovers.

Open standards

FIDO security keys are compatible with Chrome and other popular browsers. The same security key your people use to authenticate themselves on Google will also work on GitHub, Facebook, Dropbox, and many other sites.

Admin controls

Security key policies allow G Suite, Cloud Identity, and Google Cloud Platform admins to enforce the use of a security key for greater protection against phishing attacks and account takeovers.

Businesses that run on Stripe trust us with some of their most sensitive information, and we take the security of that information extremely seriously. We’ve found security keys to be ideal second factors because they balance ease-of-use with increased account security. Security key enforcement gives us a way to easily enforce secure logins for all employees, across both their desktop and now mobile devices.

Bryan Berg, Security team, Stripe

Technical resources


The security key enforcement feature is included in all editions of G Suite and Cloud Identity (including for GCP user management and security).

Take the next step

Start building on Google Cloud with $300 in free credits and 20+ always free products.

Need help getting started?
Work with a trusted partner
Continue browsing