Google Launches Its Own USB Hardware Security Keys To Lockdown Your Online Accounts
Google is aiming to help customers toughen up their security by now offering its Titan Security Key, which is USB flash drive that offers a second layer of protection when logging into accounts. The company's own employees have been using a version of the Titan Security Key for several years now, and now the latest version is available to the public.
It does not come without a bit of controversy, however, as one of Google's partners points out in a blog post. Those security keys that are in use by tens of thousands of Google employees are FIDO U2F-enabled Yubico devices. Yubico is the principal inventor behind both the Security Key and U2F protocol, and an avid supporter of open standards.
Get your Titan Security Key at the Google Security booth today! #googlenext18 @securitykeys #titan pic.twitter.com/ijRv7MbFm9
— Lukas Karlsson @ #GoogleNext18 (@lukwam) July 25, 2018
The Titan Security Key is something a little bit different. They are not manufactured by Yubico, in part because they do not adhere to the same standards.
"Google’s offering includes a Bluetooth (BLE) capable key. While Yubico previously initiated development of a BLE security key, and contributed to the BLE U2F standards work, we decided not to launch the product as it does not meet our standards for security, usability and durability. BLE does not provide the security assurance levels of NFC and USB, and requires batteries and pairing that offer a poor user experience," Yubico said.
There does not appear to be any bad blood between Google and Yubico, the latter of which said it continues to work closely with the former, and also Microsoft and the open standards community at large.
The point of these keys is to offer two-factor authentication (2FA). This helps prevent unauthorized access to your accounts. In this case, there is the added convenience of simply tapping a button the Titan Security Key, versus having to type in one-time codes sent to smartphones. There's also the added security of not having to provide a phone number.
Buyers can choose between a regular USB version or a Bluetooth variant for around $20 to $25 each, with Google Cloud customers getting first dibs.
