631-905-9617    Get SUPPORT

Suffolk Computer Consultants Blog

When Is a Phone Not a Phone? When It’s a Security Key

When Is a Phone Not a Phone? When It’s a Security Key

I’d be willing to bet that your phone is within reach at the moment, assuming you aren’t actively using it to read this blog right now. The tendency that people have to always have their phones on them has contributed to these devices becoming more deeply integrated into work processes - including security, via two-factor authentication. For this week’s tip, we’ll discuss how you can leverage an Android device as an added security measure.

For some background, it is important to understand that the Android OS now has FIDO2 certification. In essence, the FIDO (or Fast IDentity Online) Alliance has confirmed that Android meets the standards that the group has set for authentication needs.

So, What Does This Mean?

To make what could be a very lengthy conversation much shorter, it means that an Android device with Android 7.0 or higher and the latest version of Google Chrome installed can be used as a security key for your two-factor authentication needs. This also means that a device supported by FIDO2 (such as an Android device, no word on Apple supporting this yet) can leverage an onboard fingerprint scanner to confirm the identity of a user.

In other words, passwords may soon become a thing of the past.

No More Passwords?

While passwords have long been the standard form of identity authentication, they have also been shown to be somewhat simple for a determined cybercriminal to hack in one way or another. Phishing schemes and stolen databases have exposed millions of user accounts, and that’s not even counting all the times a hacker guessed that someone’s password was “letmein.”

The primary weakness of the password is the fact that it can, in fact, be shared. This is why FIDO2 is likely to become a very popular form of authentication… after all, it’s hard to share a thumbprint. FIDO2 also keeps all sensitive data - like the information read from biometrics - within the device itself, preventing it from being snagged from the Internet.

Perhaps most promising, in terms of a user’s security, FIDO2 will not allow a user to use their fingerprint on web domains and websites that are suspect (or just aren’t secure enough).

Using Your FIDO2 Android Device as a Security Key

As you would imagine, there are a few additional security-centric requirements that need to be met before you can leverage your Android device as a security key for authentication purposes. First of all, you need to have at least Android 7.0 installed, with Bluetooth turned on. In addition to this, you’ll also need the latest version of Chrome installed, and a Two-Step Verification-enabled Google account.

Once you’ve logged into your account, access Security. From there, you can activate 2-Step Verification and, you can set your smartphone to be the key required via a short process.

Using Your Phone to Authenticate Google Sign-Ins

With both Bluetooth and Location enabled on your phone, you’ll be prompted by any Google service you try to access to confirm the sign-in on your phone. By simply pressing Yes on your phone and waiting, you can sign-in to your Google account, confident that it has remained secure.

This kind of functionality is only going to appear more and more often, as more developers adopt the FIDO2 standard.

Are you looking forward to using this new authentication method? Let us know in the comments, and don’t forget to suggest any tips you think that we should cover!

The Biggest Problem with VoIP and How It Isn’t a D...
How Blockchain Will Soon Help All Companies
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, May 26 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Business Computing Privacy Cloud Productivity Network Security User Tips Microsoft Communication Cybersecurity Malware Google Efficiency Communications Smartphones Hardware Internet Data Managed IT Services Hackers Tech Term Business Outsourced IT Email Passwords Innovation Backup Business Management Mobile Device Small Business Software Windows 10 IT Support Hosted Solutions Ransomware Browser Android Mobile Devices VoIP Wi-Fi Apps Network Data Backup Smartphone Bandwidth IT Services Data Recovery Users Applications Managed IT Services Social Media Collaboration Computer Internet of Things Save Money Microsoft Office Gadgets Alert Cloud Computing Miscellaneous Holiday Router Chrome Password Access Control Office Twitter Business Intelligence Workplace Tips Employer-Employee Relationship Saving Money Wireless Networking Excel Information Word Marketing Automation BDR Government Analytics VoIP Paperless Office Office 365 Managed Service Data Management Blockchain Patch Management Settings Gmail Phishing Data Breach Vulnerability Business Continuity Virtualization Artificial Intelligence Retail Scam Voice over Internet Protocol Tip of the week Remote Computing Workers Virus VPN Battery Cortana Remote Monitoring and Management Net Neutrality G Suite Healthcare BYOD Productivity Value App Medical IT Hacking Company Culture Tech Terms Connectivity Politics Data Security How To Mobility Cost Management Wireless Charging Website Virtual Assistant IT Support Physical Security Managed IT Service Data Protection Windows Upgrade Remote Monitoring Law Enforcement Compliance Telephony Spam Computers Mobile Device Management Facebook WiFi Cybercrime Dark Web Recovery Trends WhatsApp Wireless Internet HIPAA Disaster Recovery e-waste Google Drive Comparison Chrome OS Server Troubleshooting Voice over IP Maintenance SSD Remote Control Proactive IT User Security instant Messaging Two-factor Authentication Cleaning IT budget Printers PowerPoint CrashOverride Managing Stress Google Maps Hosted Solution Wearables Digital Access Internet Explorer Touchscreen Solid State Drive Machine Learning A.I. Help Desk Hard Drive disposal Reporting Specifications Human Resources Update eCommerce Antivirus Inventory Spam Blocking Business Technology Vulnerabilities Tech Support IT Management Sports Hard Disk Drive Safety Dongle Copy Apple Personal Information Edge Threat Microsoft Office 365 Telecommuting Telecommute Phone System Movies Spotify News Certification Education Processors Smart Technology Multi-Factor Security Conferencing Employee-Employer Relationship Licensing Outlook Online Shopping Lead Generation Mobile Security Email Management Analysis Sales Cryptocurrency Authentication Millennials Video Bring Your Own Device Paste Amazon iPhone SaaS Laptop Printing Hiring/Firing Data loss Unified Communications Telephone System Big Data Spyware GDPR Content Filtering Electronic Health Records Streaming Media Work/Life Balance Travel Profitability Operating System Tablet Network Attached Storage Staffing Authorization Technology Tips Hybrid Cloud E-Commerce Customer Service Paper Managed IT Staff Gadget RAM Office Tips Automobile Training HP Information Technology Database Botnet Storage Health Server Management Downloads Live Streaming Eliminating Downtime WannaCry Environment Knowledge Time Management Files Backup and Disaster Recovery Telephone Systems Plug-In File Sharing Payment Printer Server Ink Websites Shortcut Microsoft Teams Cables Remote Support Security Cameras Entertainment Document Management Biometrics Tactics Hard Drives Error User Tip Employees Public Speaking Unified Threat Management Search Regulation Vendor Management Presentation Lithium-ion battery Current Events Leadership Autocorrect Avoiding Downtime Augmented Reality Scheduling Emergency Wireless Technology 5G Dark Data Computer Care Samsung IBM Hacker The Internet of Things Managed Service Provider Instagram DDoS Budget Gaming Console Competition Customer Relationship Management Money IP Address Scalability Employer Employee Relationship Synergy Fun Windows 7 Video Games OneNote Worker Freedom of Information IaaS Mobile Office Credit Cards Television Domains Emoji Quick Tips Printer Yahoo HaaS Encryption Windows 10

Newsletter Sign Up