Google has started to sell its Titan Security Keys to the public in the United States, expanding the availability of the Google-produced hardware tokens from just its cloud customers to anyone who wants to enhance the security of their Google account — and they work on the Mac and iOS.
Originally developed as a FIDO security key for internal use before being sold to Google Cloud customers from July, the Titan Security Key's availability has been expanded to anyone who wants to add an extra physical security element to their account. At present, they are available to purchase through the Google Store for customers in the United States priced at $50, with availability in other markets expected soon.
The keys are a form of physical two-factor authentication, in a similar way to how an authenticator app or a text message to a designated smartphone is used. While SMS, code, or push notifications are useful, sophisticated attacks can potentially acquire this data and allow an attacker to reach the account.
Physical security keys, such as Titan Keys or those by Yubikey, are considered to be more secure than the software or information-based two-factor authentication systems. In the case of the Titan Keys, Google advises each includes firmware stored in a secure element hardware chip at the time of production, making it impossible to tamper with the firmware.
Since the keys are used to perform a long cryptographic handshake with the host rather than sharing a short and copyable code, this also makes the use of such keys much more secure.
After supplying the Titan Keys to its approximately 85,000 employees and requiring their use as a second security factor last year, Google claims not to have a single reported or confirmed instance of an account takeover from its staff caused through password phishing.
Consisting of USB and Bluetooth security keys, a USB-C to USB-A adapter, and a USB-C to USB-A cable, the kit is built to FIDO Alliance standards, with the same key able to be used to secure other supporting services, including Facebook, Twitter, and Dropbox.
Mac and iOS devices are supported, but in some cases macOS users may need to use a different browser than Safari to log in.
20 Comments
Great idea but I'd be concerned about how durable those are. For now I'm sticking with Yubikey.
Is this a joke?