Compliance Management, Incident Response, Privacy, TDR

Google implements Security Key two-factor authentication

Google enhanced its two-factor authentication earlier this week by allowing Security Key to be used as a primary verification method instead of texted security codes.

Security Key can be plugged into a user's USB port and protects against phishing attempts by rejecting an account's verification unless the user is connecting to Google's legitimate website, according to a company release. Google wrote that because of the device's cryptography use, sophisticated attacks could be warded off through its use.

No data connection is necessary to use Security Key; however, it does require users to be operating within Google Chrome version 38 or newer. Batteries also are not needed.

Mobile-only users aren't recommended to opt into this verification, as a USB port is required, Google wrote.

The devices must be compliant with the “FIDO Universal 2nd Factor (U2F)” open standard.

Related

Federal network vulnerabilities curbed by CISA KEV catalog

U.S. federal agencies have experienced a significant reduction in known exploited security flaws across the networks since the release of the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog more than two years ago, according to The Record, a news site by cybersecurity firm Recorded Future.

Related Events

  • Cybercast
    SEC Cyber Compliance Readiness: 4 Steps Every Leader Should Take Now

    On-Demand Event

  • Cybercast
    How IT Risk Translates into Enterprise Risk

    On-Demand Event

  • Cybercast
    Beyond basic security compliance: Using automation to build advanced workflows

    On-Demand Event

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.