14 DAY TRIAL // Two-factor authentication (or two-step verification) is a security feature that absolutely each and every one of us should use regardless of the service we want to protect.
And because Google accounts are often targeted by hackers who want to steal users’ credentials, the search giant has developed several methods to safeguard user data, including multiple ways to prevent malicious sign-in attempts in addition to the standard password.
As many people know already, physical security keys are pretty much the best way to protect accounts and, at the same time, the least likely to get hacked.
But because getting and using a security key isn’t really the most convenient thing to do for consumers, Google embraced a different approach and is now allowing users to convert their Android phone to such devices.
In other words, any Android phone should now be able to double as a security key, technically allowing users to allow or reject a sign-in attempt into their accounts.
Google says this option is specifically recommended for people in the Advanced Protection Program, and these include “journalists, activists, business leaders and political campaign teams who are most at risk of targeted online attacks.”
However, anyone can use it, as the new feature supports for personal Google accounts and Google Cloud accounts at work.
There are several requirements for an Android phone to play the role of a security key:
| The device must be running Android 7.0 or newer |
| The account must use two-step verification |
| The PC must support Bluetooth and the feature must be turned on |
| The PC must be running Windows 10, Chrome OS, or macOS |
| Location must be enabled |
| Google Chrome must be used for logging in |
How to set up the security key
Because Android phones come with a security key built in, all you have to do is configure your Google account to use the smartphone for two-factor authentication.
First and foremost, make sure that your phone is configured with your Google account that you want to protect, and enable two-step verification.
Next, on your PC running any of the operating systems mentioned above you need to log in to your Google account. Select the Add security key option in the account settings at the following location:
Google account > Security > 2-Step Verification > Security Key > Add Security Key
When you’re done with this configuration screen, you should see a message reading:
“Security key added. Your [phone name] security key was added to your account. When you sign in with 2-Step Verification, you'll use your password and your [phone name].”
The next time you try to log in to your account and your Android phone meets the aforementioned requirement, you’ll be requested to approve the attempt on your mobile phone. Once you approve the sign-in, you should be able to log in and access your account.
You can always change your settings, remove devices or add new ones to be used as security keys using the steps detailed above. Don’t forget that your device must be Bluetooth-capable, otherwise the login authorization request won’t be sent to your phone. Google hasn’t revealed why exactly Bluetooth is required, but it must be turned on alongside with the location services on Android.