Google's Titan Key to Foil Phishing

Google's Titan Key to Foil Phishing
Google has unveiled Titan Security Key, intended to beef up user protection across its services.

(CCM) — Google has announced at the Google Cloud Next conference the Titan Security Key, a FIDO physical security key that adds an additional protective layer to its already-established two-factor authentication. It appears to be its answer to other, similar physical security keys on the market, such as Yubico's Yubikey.

The physical security key uses multi-factor authentication to protect users against phishing attacks. It is necessary that the key be connected to the user's computer to proceed with login, blocking hopeful hackers from grabbing users' information remotely. Google also claims that it has developed firmware that cross checks your credentials and the integrity of the website that you are attempting to log into. And since the Titan Security Key doesn't use one-time codes, the chance of an attacked guessing or intercepting a code sent over by SMS is vastly reduced.

"We've long advocated the use of security keys as the strongest, most phishing-resistant authentication factor for high-value users, especially cloud admins, to protect against the potentially damaging consequences of credential theft," Jennifer Lin, Product Management Director for Google Cloud, wrote in a blog post mentioning the rollout.

Google may have even been using an earlier version of this key when it prevented all 85,000 of its employees from a phishing attack — a streak that has been maintained since early 2017. Users can buy a pack that includes the USB and Bluetooth versions of the Titan Security Key for $50, or purchase either one alone for roughly $25.

Image: © Google.