 |
| Google turns its browser into a security key |
Over the past few years, Google has been actively promoting two-factor authentication (2FA), or what the company calls 2SV.
This includes a physical security key connected to the USB and a phone security key.
So far, the company has offered several ways to authenticate the user, including prompts, voice or text messages, backup codes, and authentication apps.
The latest attempt has turned the Google Chrome browser for Android into a security key for logging into corporate accounts.
After entering their username and password, users who have activated two-factor authentication with their Google account can confirm that they try to sign in in different ways.
Tap Yes on the Google notification that appears on Android and iOS (requires Google apps or Gmail), or press and hold the Volume Down key if you've set a security key for your phone.
This method is stricter than alarm and better simulates a USB-C/A security switch, which uses Bluetooth to communicate between a phone and a desk to confirm proximity.
However, the phone's security keys require the user to set them manually before use, which makes approval difficult.
The search giant is now using the Android web browser as another method of two-factor authentication for security keys.
Google turns its browser into a security key
When you enter information on your laptop, you will receive a warning message "Are you trying to log in?". It opens a full screen page with "yes" and "no, not me" at the bottom.
This means that someone is trying to log into your account from a nearby device. The important part of this message is the devices nearby, so distinguish it from simple company notifications.
After confirmation, a periodic animation will take you to the device's login page, similar to a mobile security key.
If you open the current multitasking menu, you will find that this screen is from the browser and not from Google Play Services. However, GPS is still responsible for displaying the old UI with yes/no.
This feature first appeared in the company's Android browser version 93 and version 92 of macOS in beta. It has not yet been widely spread.
The company uses the cable mentioned in the browser (Cloud Assisted Bluetooth Low Energy). Requirements include being signed in to the same account and enabling Chrome sync.
In addition to entering a password, two-factor authentication provides an additional level of security. If others need extra steps to verify who wants to log in, they can protect your account.