Security keys and zero trust

A security key is a physical device that works alongside your username and password to verify your identity to a site or app. It provides stronger login protection than an authenticator app or SMS codes, and the same device can be used for many services, so you don’t need to carry around a necklace of dongles and fobs.
Security keys provide the highest level of login assurance and phishing protection.
In this issue of GCP Comics we are covering exactly that. Think of a Security Key as a way to protect yourself–and your company–from bad passwords and tricked users, as it stops fake sites from tricking people into logging in. Here you go!
A password alone turns out to be fairly minimal protection for an account, so we’ve seen many new options for 2-Step Verification (also called multi-factor authentication), a phrase meaning “more than just your username and password” to log in.
Getting a code by SMS or voice call is a little better than just a password, but you can still be fooled into feeding that code to a fake site, giving up your account credentials to an attacker. Backup codes and authenticator apps fall prey to the same malicious strategies, where an attacker harvests your info and then uses it to perform their own multi-factor authentication, gaining access to your account.
Only a security key can stop the cleverest of phishing attacks.
Why a security key over other multi-factor methods?
- A key must be registered in advance to a specific account, an action you take once to enhance the level of security for your sign in.
- The security key and the website perform a cryptographic handshake, and if the site doesn’t validate the key’s identity, including matching a previously registered URL, the login is stopped.
- Because they use open standards (FIDO), the same security key can be used for multiple sites and devices. You only need to carry one around, and it can be used for both personal and work accounts and devices.
- The firmware of Google Titan Security Keys is engineered to verify integrity, preventing any tampering.
- They come in all kinds of shapes and sizes, so you can get USB-A, USB-C, or NFC to match the use case that fits you best!
- In our experience deploying security keys to replace older forms of 2-Step Verification, we’ve seen both faster logins and fewer support tickets raised.
Resources
Want more GCP Comics? Visit gcpcomics.com and follow us on Medium (pvergadia and max-saltonstall) and on Twitter at @pvergadia and @maxsaltonstall so you don’t miss the next issue!