Google launches two-factor authenticator dongle

Avatar By Le Williams | 2 years ago

Google on Thursday unveiled the Titan Security Key, a two-factor authentication (2FA) token that should improve user security and create a complicated task for hackers to breach online accounts that support 2FA protection.

The Titan Security Key sells for $50 in the Google store right now and includes a Bluetooth key, a USB key, and the connectors that you might need.

While Google made it available first to Google Cloud users last month, the security dongle is now available to anyone who thinks they need stronger protection for their Google accounts and other online properties.

In a blog post on the Google Cloud blog, Google explains that the Titan keys are built on the FIDO standards and that the devices are designed to prevent hacks from manufacturing through actual use. Google makes a point to explain that the firmware in charge of the crypto operations can’t be hacked before the product ships to consumers:

“The firmware performing the cryptographic operations has been engineered by Google with security in mind. This firmware is sealed permanently into a secure element hardware chip at production time in the chip production factory. The secure element hardware chip that we use is designed to resist physical attacks aimed at extracting firmware and secret key material.”

The blog post further explains, “These permanently-sealed secure element hardware chips are then delivered to the manufacturing line which makes the physical security key device. Thus, the trust in Titan Security Key is anchored in the sealed chip as opposed to any other later step which takes place during device manufacturing.”

Additionally, Google says that it has been working with Yubico and NXP to develop security keys to be used inside Google. Since it began requiring security keys as a second factor for employees, Google had no reported or confirmed account takeovers following phishing attacks.