Out of the Box Solutions Blog

When Is a Phone Not a Phone? When It’s a Security Key

When Is a Phone Not a Phone? When It’s a Security Key

I’d be willing to bet that your phone is within reach at the moment, assuming you aren’t actively using it to read this blog right now. The tendency that people have to always have their phones on them has contributed to these devices becoming more deeply integrated into work processes - including security, via two-factor authentication. For this week’s tip, we’ll discuss how you can leverage an Android device as an added security measure.

For some background, it is important to understand that the Android OS now has FIDO2 certification. In essence, the FIDO (or Fast IDentity Online) Alliance has confirmed that Android meets the standards that the group has set for authentication needs.

So, What Does This Mean?

To make what could be a very lengthy conversation much shorter, it means that an Android device with Android 7.0 or higher and the latest version of Google Chrome installed can be used as a security key for your two-factor authentication needs. This also means that a device supported by FIDO2 (such as an Android device, no word on Apple supporting this yet) can leverage an onboard fingerprint scanner to confirm the identity of a user.

In other words, passwords may soon become a thing of the past.

No More Passwords?

While passwords have long been the standard form of identity authentication, they have also been shown to be somewhat simple for a determined cybercriminal to hack in one way or another. Phishing schemes and stolen databases have exposed millions of user accounts, and that’s not even counting all the times a hacker guessed that someone’s password was “letmein.”

The primary weakness of the password is the fact that it can, in fact, be shared. This is why FIDO2 is likely to become a very popular form of authentication… after all, it’s hard to share a thumbprint. FIDO2 also keeps all sensitive data - like the information read from biometrics - within the device itself, preventing it from being snagged from the Internet.

Perhaps most promising, in terms of a user’s security, FIDO2 will not allow a user to use their fingerprint on web domains and websites that are suspect (or just aren’t secure enough).

Using Your FIDO2 Android Device as a Security Key

As you would imagine, there are a few additional security-centric requirements that need to be met before you can leverage your Android device as a security key for authentication purposes. First of all, you need to have at least Android 7.0 installed, with Bluetooth turned on. In addition to this, you’ll also need the latest version of Chrome installed, and a Two-Step Verification-enabled Google account.

Once you’ve logged into your account, access Security. From there, you can activate 2-Step Verification and, you can set your smartphone to be the key required via a short process.

Using Your Phone to Authenticate Google Sign-Ins

With both Bluetooth and Location enabled on your phone, you’ll be prompted by any Google service you try to access to confirm the sign-in on your phone. By simply pressing Yes on your phone and waiting, you can sign-in to your Google account, confident that it has remained secure.

This kind of functionality is only going to appear more and more often, as more developers adopt the FIDO2 standard.

Are you looking forward to using this new authentication method? Let us know in the comments, and don’t forget to suggest any tips you think that we should cover!

The Biggest Problem with VoIP and How It Isn’t a D...
How Blockchain Will Soon Help All Companies


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, May 24 2019

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Technology Best Practices Business Computing Network Security Productivity User Tips Privacy Efficiency Internet Communication Data Tech Term Hardware Smartphones Microsoft Google Mobile Device Innovation Email Cybersecurity Windows 10 IT Support Malware Network Mobile Devices Business Passwords Small Business Business Management Communications Cloud Users Browser Android Hackers IT Services Applications Outsourced IT Collaboration Ransomware Managed IT Services Wi-Fi Data recovery Internet of Things Wireless Holiday Software Apps Managed IT services Bandwidth Backup Data Backup Workplace Tips Saving Money Social Media Managed Service Employer-Employee Relationship Information Hosted Solutions Networking Gmail VoIp Smartphone Marketing Gadgets Cloud Computing Business Intelligence Computer Blockchain Office Mobility Data Management Data Security BDR Office 365 Computers G Suite Cortana Net Neutrality Compliance Save Money Tech Terms Telephony Automation Remote Monitoring and Management Paperless Office Connectivity Value Artificial Intelligence Miscellaneous Access Control Analytics Facebook Microsoft Office Upgrade Virtual Assistant Password Wireless Charging Managed IT Service Cost Management Medical IT Chrome Remote Computing Patch Management Virtualization Voice over Internet Protocol Healthcare VPN Websites Internet Explorer Authorization Chrome OS Big Data Customer Service Inventory Unified Communications WannaCry Server Management Telecommuting Vulnerabilities Edge Virus Backup and Disaster Recovery Downloads Plug-In Wireless Internet Server Cybercrime GDPR HP Sports Knowledge Update Settings e-waste Tip of the week Safety Threat Phishing Data Protection RAM Content Filtering Training HIPAA Touchscreen Cryptocurrency Antivirus Employees Hard Drives Trends Comparison Proactive IT Help Desk Tactics Personal Information Document Management Telecommute Outlook IT budget disposal Bring Your Own Device User Tip Printing Data Breach Human Resources Physical Security Mobile Security Microsoft Teams Security Cameras Hard Drive Workers Microsoft Office 365 Staff Solid State Drive SSD A.I. Specifications Business Continuity Lead Generation Network Attached Storage Storage E-Commerce Voice over IP Profitability Battery Hybrid Cloud Processors Dongle Paper Sales Employee-Employer Relationship eCommerce Laptop Operating System Company Culture Reporting Word Millennials Time Management Hard Disk Drive Movies Maintenance Dark Web Payment Digital Data loss Technology Tips Amazon Eliminating Downtime Cables Vulnerability Machine Learning Ink Tablet Electronic Health Records Online Shopping Managing Stress Wearables Router Business Technology Authentication Video Twitter Conferencing Analysis Certification Error instant Messaging Spam Streaming Media BYOD IT Management Database Spyware Government PowerPoint Excel Troubleshooting Health Environment SaaS Quick Tips OneNote Disaster Recovery Regulation Windows 7 Alert Printers