Gmail Added User Authentication with Security Key
If you use two-factor authentication on your Google account, now there is an opportunity to simplify the task of logging into your Gmail account. The other day, developers have added support for a hardware security key, Security Key.
This device can replace the 6-digit verification code entered in the second step of two-factor authentication. The passwords of the first step remain, so the attacker who got someone else's Security Key will not be able to log into the account without entering a username / password.
Actually, many small services, mainly payment, use the possibility of authentication using a key gadget, but now this is the first attempt of a popular service such as Gmail to add similar functionality.
As for the Security Key itself, getting such a device is not very difficult: many manufacturers create compatible devices, the price of which ranges from 6 to 50 US dollars. The purchase will not be in vain, because now services such as PayPal, Samsung and Alibaba are planning to introduce or have already introduced a similar authentication scheme.
It is worth noting that the Security Key is based on open standards, so a similar architecture could be used in wireless tokens, Bluetooth or NFC.
Be that as it may, Google and other companies are now moving away from the authentication standard with a pair of username / password, gradually making user accounts more and more secure.