Now even if someone has your password, they can’t login unless they also have a code that’s sent to your phone or other device via a text message or the Google Authenticator app.
Don’t want to use an app or wait for a text message every time you want to check your Gmail account? Now there’s a simpler way. Google now supports the FIDO Security Key platform.
That means you can buy any FIDO U2F Security Key and just connect it to your USB port before you login to your account using the Chrome web browser.
Google will automatically detect the key and won’t prompt you for a special code. You’ll still need to enter your username and password, so if someone steals your Security Key they won’t be able to access your account. But if someone has your user ID and password but doesn’t have your Security Key, they’ll be locked out of your account.
Google isn’t the only company to support the Security Key system. The FIDO U2F (Universal 2nd Factor) protocol is an open standard that covers several different technologies including USB keys like the Security Key as well as fingerprint readers, iris scanners, voice and facial recognition or Bluetooth and NFC wireless devices.
Earlier this year PayPal and Samsung were among the first companies to announce support for the FIDO ecosystem.