The problem with passwords is that we have to think of something that we can remember and is complicated enough not to be guessed. The bad guys, however, are using even faster computers to brute force our even longer passwords.
We need another plan.
What happens if you can add another layer of security that is a physical device? Therefore, the bad guys would need both our passwords AND the device which would make it that much harder.
Google has developed a way for us to use our Android phones as a physical security key here is what it’s all about:
What happens when I log in?
Once you set up, whenever you try to access your Gmail or Google Drive, you will receive an alert on your phone to confirm if you are indeed trying to log in. If you are, you tap a confirmation button and log in as normal. However, if you are not, even if the bad guy has your username and password, they won’t be able to log in.
How to set up your phone as a Physical Security Key
On your phone:
- Switch on Bluetooth on your phone (Android 7 or up)
- Connect your phone to your computer via Bluetooth
On your Computer:
- Open the Chrome browser on your desktop/laptop
- Sign into your Google account.
- Go to myaccount.google.com/security in the Chrome browser
- Click on “two-step verification”
- Choose “add a security key”
- Choose your phone.
Secure more web sites
While this service is currently only available for Google Suite, it is said that this will expand to other websites too. In the meantime, you can download the Google Authenticator app from the Google Play store and use that for 2-factor authentication on sites such as Facebook, WordPress, Epic Games etc. It works on the same premise, but now, you will see a series of numbers that are constantly changing which you will need to enter in order to log in.
So essentially its an extra step with every login. But well worth it!