Google Turns All Android 7.0+ Phones into 2-Factor Security Keys

Google Turns All Android 7.0+ Phones into 2-Factor Security Keys

You should always use 2-factor authentication, or 2-step verification as Google calls it. This is the best way to keep unauthorized people from getting into your accounts, but it can be a pain to set up and use. That’s why Google has worked to make 2-step verification easier to use with devices like the Titan Security Key. That costs money, and you might already have an Android phone. Starting now, most Android phones have magically become 2-factor security keys.

Most 2-factor security keys are USB dongles, so you need to find a free port on a device and plug the hardware in. As we move from USB-A to Type-C, you may or not have the right kind of port available. Google’s Titan key solves that with Bluetooth support, and now Android phones operate in a similar fashion. You need Bluetooth and location services enabled, though.

Phone security keys can be configured on any device running Android 7.0 Nougat or higher. This feature was delivered by a Google Play Services update, so you don’t need any system OTAs. When you attempt to log into Google, your phone will generate a confirmation prompt. The Pixel 3 and 3 XL have a hardware Titan M security chip inside, so you have to press the volume down button to physically engage the chip. All other phones have a button on the screen to authorize.

Currently, you can use your phone authenticator over Bluetooth with a computer running Chrome OS, macOS, or Windows 10 with the latest stable version of Chrome (v72 as of this writing). You also need the same Google account signed in on both devices. Google is working to get the industry to standardize around the FIDO and WebAuthn standards, but support is somewhat narrow at this time.

The argument could be made that using your phone as an authenticator is a bit less secure than using an app like Google Authenticator to generate one-time codes. After all, someone just needs to tap a button within Bluetooth range of the login. However, Google only lets you set up phones as authenticators as long as you have a secure lock screen enabled. Turning on trusted locations or devices that can bypass the lock screen (a long-time feature of Android) reduced your security.

Continue reading

Android 12 Could Include Major App Compatibility Improvements
Android 12 Could Include Major App Compatibility Improvements

Google has attempted to centralize chunks of Android over the years, and a major component called ART is set to get this treatment in Android 12. The result could be vastly improved app compatibility, which is sure to make everyone happy.

Qualcomm’s New Snapdragon 888 Will Power Flagship Android Phones in 2021
Qualcomm’s New Snapdragon 888 Will Power Flagship Android Phones in 2021

The 888 comes with a new CPU design, integrated 5G, and a massive GPU boost. It's shaping up to be the most significant update to Qualcomm's flagship system-on-a-chip (SoC) in years.

Samsung Starts Rolling Out Galaxy S20 Android 11 Update on Verizon
Samsung Starts Rolling Out Galaxy S20 Android 11 Update on Verizon

Not only does this include the Googley Android 11 enhancements, but it also has numerous Samsung-specific changes as part of the One UI 3.0 revamp.

It Turns Out Huawei’s HarmonyOS Is Still Just Android
It Turns Out Huawei’s HarmonyOS Is Still Just Android

Following the Commerce Department's actions against the Chinese megafirm, Huawei has been unable to use Google services on its new phones. The company's solution was to develop HarmonyOS, but now that we've gotten our first real look at it, one thing is clear: this is just Android with a skin.