Google Offers Physical USB Security KeyAdded: Sunday, November 2nd, 2014
Category: Recent Headlines Involving File Sharing > Current Events
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, 2013, www.extratorrent.cc
The tech giant has finally announced a physical USB Security Key for two-factor authentication. The key is expected to ensure that users keep their accounts safe from intruders, but it has its own limitations. Users can buy a compatible USB from a third-party supplier and add the Security Key functionality. After doing so, they can start using it when logging in to Google’s services, including Gmail and Google Drive. The key will contain the code required for two-factor authentication, if the latter has been switched on.
Two-factor authentication is a popular method of security protection. It required both a password and an additional data able to verify the identity of the person logging in. Before, Google provided users with the second piece of authentication data by sending the code via text message or the Authenticator app. Now the USB key can be used without any input required from the keyboard.
The company promises that accounts with Security Key enabled will remain secure from hacking (unless hackers manage to steal the plastic key). This method is presented as more secure than using a smartphone, because hackers have infected mobile devices in the past to steal security codes.
The USB key will also make sure that the website the user is on is owned by Google and not by a third party who uses it for a “man-in-a-middle” attack. The Security Key will not transmit its cryptographic signature if some phishing service is trying to pretend a Google login page.
Google explains that instead of typing a code, you can now insert the Security Key into the USB port of your machine and tap it when prompted in Chrome. The company guarantees that the cryptographic signature can’t be phished when you sign into your Google Account using Chrome browser and the Security Key.
As you might have noticed, there is one significant limitation: the USB key only works via the Chrome browser, and people who use other Internet browsers won’t like it. In addition, there’s the need for added hardware – this can also put some people off.
Apparently, this innovation has its own disadvantages: it is another thing to carry around and keep track of, it requires the Chrome browser to work, and it can’t be used on mobile devices as it needs a USB port to work. Perhaps, the target audience for this innovation is non-technical people who don’t use smartphones and apps. Anyway, if this increases the number of people using two-factor authentication, it is a useful thing.
Besides that, Google is also joining and championing a movement called the FIDO (Fast IDentity Online) Alliance. The goal of the latter is to spread the open Universal 2nd Factor (U2F) protocol used by the Security Key across various websites, so people will only require one USB key for all of them.
FIDO Universal Authentication Framework is widely used in payments apps from PayPal, Samsung, AliPay, and others, and with Google now using FIDO U2F, it is clear that a new era has arrived, where users and providers are urged to move beyond single-factor passwords to more secure authentication.
Posted by: Date:
Sunday, November 2nd, 2014
|posted by (2014-11-02 07:21:02)|
|A Physical USB Security Key now this a great move|
against hackers without key can't login
|And then hackers will offer key emulators. Okay. Next idea!|
|posted by (2014-11-02 14:21:43)|
|posted by (2014-11-03 01:26:44)|
|thats just great...|
|Not good for Opera users.|
|will see in future google going very forward in world ... hope google soon lunch Chrome Windows|
|posted by (2014-11-04 00:32:22)|
|it is more time to doing any view with usb's physically on the internet...if that! can be more difficult for hackers? it is like doing a long line to pay at any walmart...|
|can see it being used internally amongst some companies for security but joe blogs down the high street probably has a whole linux o/s on a usb key and far more secure having a whole o/s with access to your files on it and no need to access a potentially targeted server elsewhere.|
|using Lux encryption you make sure the key`s HDD stays locked and double authenticated with password if you wish to communicate via bittorent/Secure tunnel or any other method you can and when you leave the workstation you leave no details of your communications as you take it all with you on your encrypted usb key,these distro`s have been around years and linux and Debian have a good selection ,I always liked Kanotix,nowadays the real wizkids use Backtrack for its network penetration testing,lol. (:^D)|
|posted by (2014-11-08 12:33:19)|
Most Popular Stories