Google announced Wednesday that it added a new authentication method that lets consumers use their phone as a physical security key. The free option is available to those with a smartphone running Android 7.0 and up.
“This makes it easier and more convenient for you to unlock this powerful protection, without having to carry around additional security keys,” Google said in a blog post.
“Use it to protect your personal Google Account, as well as your Google Cloud Accounts at work. We also recommend it for people in our Advanced Protection Program—like journalists, activists, business leaders and political campaign teams who are most at risk of targeted online attacks.”
Set it up
To use the new security feature, connect your phone over Bluetooth to a computer running the latest version of Chrome and verify your logins. From there, follow these steps:
On your computer, navigate to myaccount.google.com/security, visit the 2SV settings, and click "Add security key".
Choose your Android phone from the list of available devices.
When signing in, make sure Bluetooth is turned on for the device you are signing in on and on your phone.
Google explains that using a physical security key can beef up an account’s protection against phishing.
“Phishing—when an attacker tries to trick you into turning over your online credentials—is the most common cause of security breaches. Preventing phishing attacks can be a major challenge for personal and business users alike. At Google, we automatically block the overwhelming majority of malicious sign-in attempts (even if an attacker has your username or password), but an additional layer of protection can be helpful,” the company said.