i-medIT Blog

Tip of the Week: Your Phone Can Work as Your Security Key

Tip of the Week: Your Phone Can Work as Your Security Key

If you’re like most people nowadays, your mobile phone is currently well within your reach (and that’s assuming you aren’t reading this blog on it). The fact that most people keep their phone on them at all times has greatly contributed to these devices becoming a part of any given work-related process. One major way is the implementation of two-factor authentication, which we’ll discuss as a part of this week’s tip.

As we begin, it is important that we acknowledge that the Android operating system has been granted FIDO2 certification. In other words, the FIDO (Fast IDentity Online) Alliance has given the Android OS their seal of approval in regard to the authentication standards that the Alliance has set.

What Does This Mean?

In very simple terms, any Android device running 7.0 or higher with the latest Google Chrome update installed can be used as part of a two-factor authentication strategy - more specifically, as a security key. This includes the support that FIDO2 offers for onboard fingerprint scanners as a means of identity authentication. Currently, this authentication standard is only supported by Android, with no indication of Apple devices incorporating it.

In no uncertain terms, this all means that passwords may soon be phased out.

Abandoning Passwords

Passwords have been the standardized form of authenticating one’s identity for quite some time, despite the potential issues that are present with them. How often have we seen just how many ways a determined cybercriminal has to obtain a password? Between insecure databases filled with credentials and unfortunately successful phishing schemes, millions of accounts have been exposed - and that isn’t even taking all the times an insecure password was guessed into account.

The biggest weakness that any password has is the fact that it can be shared at all, that someone other than the owner can use it. Over any other reason, this is why FIDO2 is likely to become as popular as it is expected to be. When was the last time you successfully shared a thumbprint with someone, after all? Furthermore, FIDO2 keeps all of the information that is pulled from its biometrics onboard the device, keeping it safe from being stolen on the Internet.

As an added bonus, FIDO2 won’t allow the user to input their fingerprint’s biometric data into websites that don’t have sufficient security measures in place.

How to Use Your Android Device as a FIDO2 Security Key

In order to leverage your Android device as a security key, you need to make sure that it meets a few benchmarks. First and foremost, you’ll need to be running at least Android 7.0, with the latest version of Chrome installed. You will also need to have Bluetooth activated, and a Google account with two-step verification enabled.

This is somewhat simple to do. Logging into your Google account, access the Security section. Here, you’ll find the option to activate 2-Step Verification. After a short process, your smartphone will work as a security key.

Authenticating Google Sign-Ins with Your Phone

As long as you have enabled both Bluetooth and Location on your mobile device, any Google service you try to access will prompt you to confirm the sign-in attempt via your phone. This process is exceptionally simple - all you have to do is press Yes on your phone and wait. Once you’ve done so, you can confidently access your Google account, securely. As more developers adopt FIDO2, this enhanced security will only appear more often.

What do you think of this new authentication method? Share your impressions in the comments! While you’re there, let us know if there are any other tips you’d like us to cover!

Virtual Reality has a Limitless Future
How to Mitigate Unhappy Online Opinions
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, June 25 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Business Computing Privacy Google Cloud Hackers Innovation User Tips Internet Productivity Data Microsoft Hosted Solutions Email Network Security Tech Term Mobile Devices Efficiency Hardware Business Backup Malware Workplace Tips Data Backup Small Business Smartphones Smartphone Cloud Computing VoIP Communications Android IT Support Windows 10 Gadgets Software Business Management Managed IT Services Network Data Recovery Communication Windows Internet of Things Cybercrime IT Services Server Browser Cybersecurity Artificial Intelligence Business Continuity Router Ransomware Miscellaneous Mobile Device Chrome Computer Automation Spam Computers Information Social Media Users Outsourced IT Upgrade How To Collaboration Phishing BDR Save Money Money Productivity Mobile Device Management Law Enforcement Applications Operating System Social Engineering Saving Money Office 365 Word Disaster Recovery Passwords Remote Monitoring Bring Your Own Device Data Breach Sports Data Security BYOD Two-factor Authentication Safety Private Cloud Government Google Drive Staff Data Protection Vulnerability Managed Service Facebook Wi-Fi Paperless Office Bandwidth Connectivity Settings Holiday Telephone Systems Quick Tips Encryption Alert App Managed IT Services Voice over Internet Protocol Cleaning Identity Theft Spam Blocking Business Intelligence Data storage Augmented Reality Managed IT Education Password Telephony Gmail Physical Security Human Resources Cryptocurrency Windows 7 Data Storage Update YouTube Networking Meetings Botnet Windows 10 Infrastructure Servers Scam Recovery Downtime Fraud IT Management Virtualization The Internet of Things CES Health Public Cloud Keyboard VPN OneNote Virtual Assistant Redundancy IT Plan Google Docs Content Management Microsoft Office Display Avoiding Downtime Training Apps Machine Learning Comparison Telephone System Internet Exlporer Unsupported Software Website Blockchain Access Control Software as a Service NIST Cables Windows Server 2008 Cast Thought Leadership Hacker Camera eWaste Managed Service Provider Charger Hiring/Firing Advertising Mobility Authentication Workers Relocation Netflix Biometric Security Shortcuts FENG Evernote webinar Patch Management Smart Office Net Neutrality Microchip Default App Tech Support Credit Cards Current Events USB Smartwatch Criminal Computer Care Windows 10s Automobile HBO Millennials Outlook Legal Nanotechnology Remote Worker 5G Social Practices Skype Wireless Charging Conferencing Document Management ISP Search Engine Multi-Factor Security User Error Safe Mode IT Infrastructure Flash Shadow IT Knowledge Addiction Employee Warranty WiFi Samsung Work/Life Balance Vendor Frequently Asked Questions Workforce Humor IBM Smart Tech Wiring Travel Password Manager HVAC OLED HaaS Entertainment Hosted Computing Start Menu Cortana Emails Cryptomining Bing Trending Chromecast Robot Digital Signature Investment Amazon Reputation Wireless Network Congestion Big Data Cache Digital Signage Printer Value Solid State Drive Enterprise Content Management Manufacturing Excel Uninterrupted Power Supply Telecommuting Going Green Hybrid Cloud Supercomputer Data loss Unified Threat Management Business Mangement Laptop Apple Electronic Medical Records End of Support Inventory MSP Tools Google Apps Database Help Desk ROI Sync Amazon Web Services Customer IT Consultant Wireless Internet Google Search Mouse Data Management NarrowBand Files Audit Password Management Cabling Tip of the week Office Tips Remote Work Monitor PDF Budget Screen Mirroring Devices Security Cameras Mobile Computing Recycling Touchpad iPhone Virtual Reality Save Time Internet exploMicrosoft Flexibility Root Cause Analysis File Sharing Employer-Employee Relationship Office Firewall Business Technology DDoS Specifications Accountants Online Shopping Hacking Marketing Software Tips Wire Proactive IT Administrator Wireless Technology HIPAA Black Market History Computer Fan Information Technology Scalability Wearable Technology Worker Commute Risk Management Smart Technology Managing Stress Content Regulation Congratulations Search Twitter Printers Employer Employee Relationship Politics Worker Computing Infrastructure Two Factor Authentication Assessment Techology Audiobook How to Instant Messaging Troubleshooting Computer Accessories Best Practice Rootkit Television Transportation Experience Remote Computing Public Computer IT Support CrashOverride Webinar Benefits Books Loyalty Video Games Music Vendor Management Bluetooth IT solutions Battery Company Culture Compliance GDPR Thank You Emergency SaaS