Google Announces A Two-Step Verification USB Key

Google Inc. announced a new 2-step verification USB key yesterday that eliminates the need to memorize long, complicated passwords for Google services, while providing better security at the same time.

Google had already offered a 2-step verification process that required both a user password and a unique, time sensitive code that would be sent either by text, voice call, or a mobile app.

With the new USB key, however, users no longer need to enter an additional code. Instead, they simply insert the device into their computer and press a button to unlock a Google site.

In addition to making it easier to log in to tools like Google Docs, Gmail and Google Drive, the USB key also offers better protection against phishing by ensuring that the login site is an authentic Google website before attempting to access it. Google promises: “When you sign into your Google Account using Chrome and Security Key, you can be sure that the cryptographic signature cannot be phished.”

Two-step verification systems are becoming common as people’s online identities include more and more sensitive information. Even video games are starting to use authentication systems to protect user accounts. Blizzard, the game developer behind World of Warcraft and other popular online games, has the Battle.net Authenticator, which uses either a key fob or a mobile app to generate a code to access their gaming accounts.

Google notes that the USB key won’t replace the standard password and code combination for all situations. Google said on their blog:

Security Key requires a USB port to work, so it’s not recommended for mobile-only users. [. . .] Security Key does not work on browsers other than Chrome.