Alltech IT Solutions Blog

When Is a Phone Not a Phone? When It’s a Security Key

When Is a Phone Not a Phone? When It’s a Security Key

I’d be willing to bet that your phone is within reach at the moment, assuming you aren’t actively using it to read this blog right now. The tendency that people have to always have their phones on them has contributed to these devices becoming more deeply integrated into work processes - including security, via two-factor authentication. For this week’s tip, we’ll discuss how you can leverage an Android device as an added security measure.

For some background, it is important to understand that the Android OS now has FIDO2 certification. In essence, the FIDO (or Fast IDentity Online) Alliance has confirmed that Android meets the standards that the group has set for authentication needs.

So, What Does This Mean?

To make what could be a very lengthy conversation much shorter, it means that an Android device with Android 7.0 or higher and the latest version of Google Chrome installed can be used as a security key for your two-factor authentication needs. This also means that a device supported by FIDO2 (such as an Android device, no word on Apple supporting this yet) can leverage an onboard fingerprint scanner to confirm the identity of a user.

In other words, passwords may soon become a thing of the past.

No More Passwords?

While passwords have long been the standard form of identity authentication, they have also been shown to be somewhat simple for a determined cybercriminal to hack in one way or another. Phishing schemes and stolen databases have exposed millions of user accounts, and that’s not even counting all the times a hacker guessed that someone’s password was “letmein.”

The primary weakness of the password is the fact that it can, in fact, be shared. This is why FIDO2 is likely to become a very popular form of authentication… after all, it’s hard to share a thumbprint. FIDO2 also keeps all sensitive data - like the information read from biometrics - within the device itself, preventing it from being snagged from the Internet.

Perhaps most promising, in terms of a user’s security, FIDO2 will not allow a user to use their fingerprint on web domains and websites that are suspect (or just aren’t secure enough).

Using Your FIDO2 Android Device as a Security Key

As you would imagine, there are a few additional security-centric requirements that need to be met before you can leverage your Android device as a security key for authentication purposes. First of all, you need to have at least Android 7.0 installed, with Bluetooth turned on. In addition to this, you’ll also need the latest version of Chrome installed, and a Two-Step Verification-enabled Google account.

Once you’ve logged into your account, access Security. From there, you can activate 2-Step Verification and, you can set your smartphone to be the key required via a short process.

Using Your Phone to Authenticate Google Sign-Ins

With both Bluetooth and Location enabled on your phone, you’ll be prompted by any Google service you try to access to confirm the sign-in on your phone. By simply pressing Yes on your phone and waiting, you can sign-in to your Google account, confident that it has remained secure.

This kind of functionality is only going to appear more and more often, as more developers adopt the FIDO2 standard.

Are you looking forward to using this new authentication method? Let us know in the comments, and don’t forget to suggest any tips you think that we should cover!

The Biggest Problem with VoIP and How It Isn’t a D...
How Blockchain Will Soon Help All Companies
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, September 17 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Disaster Recovery Automobile Knowledge Gadgets Network Windows Telephone Systems Mobile Device Streaming Media Chrome Payment Education Word IT Support Apple Remote Control Conferencing Staffing Employee-Employer Relationship IT Management Gadget Business Management E-Commerce Online Shopping Processor Printers Error Business Intelligence Android Automation Tip of the Week Touchscreen Inventory Backup Video Games Hard Drives Cloud Computing App Telecommuting Dongle Smartphone Multi-Factor Security Spotify disposal Microsoft Office Hybrid Cloud Entertainment Leadership Information Technology CrashOverride Machine Learning WannaCry Health Productivity OneNote Router Downloads DDoS Twitter Update WhatsApp Big Data Vendor Management Help Desk Blockchain Recovery Document Management Mobile Device Management Mobile Security Retail Printer Server Website Innovation Content Filtering Hardware VoIp Telecommute Networking RAM Voice over IP Cabling VoIP Scam User Security Amazon Battery Save Money Net Neutrality Money Information How To Tech Terms Regulation Antivirus Employees Apps Virus Internet Explorer Data Protection Access Security Cameras Certification Business Technology Hard Disk Drive eWaste Licensing A.I. Outsourced IT Phishing Windows XP Healthcare Customer Service Physical Security HP Printing Benchmarks Video Mobility Laptop Cables Data Security Access Control Phone System Data Backup Applications Financial Biometrics PowerPoint Emergency Smart Technology Cybercrime Hackers Alerts Budget Trends Company Culture Privacy Quick Tips Patch Management Data Management Email Management Remote Support Human Resources Credit Cards Hacker instant Messaging Microsoft Teams Spam Solid State Drive Data loss Technology Tips Hacking Upgrade Office Tips Remote Monitoring and Management GDPR Smartphones Millennials Batteries Tech Term Analytics Computer Google Maps Hosted Solution Browser Backup and Disaster Recovery Hard Drive IT Support Unified Communications eCommerce Microsoft Software Thank You Recycling Windows 10 Value Connectivity Bitcoin Mobile Devices Chrome OS Bandwidth Settings Telephony Shortcut Remote Computing Managed Service Staff iPhone Work/Life Balance Going Green Analysis Proactive IT Spam Blocking BYOD Passwords Politics Managed IT Services Data Recovery Movies Voice over Internet Protocol Small Business Hosted Solutions Operating System Reporting Computers Saving Money Wireless Charging National Security Workers Electronic Health Records Efficiency Marketing IaaS Cybersecurity Hiring/Firing Printer Gaming Console Workplace Tips Processors Two-factor Authentication Alert Eliminating Downtime Current Events Freedom of Information Windows Server 2008 R2 Tip of the week Updates IT budget Gmail Ransomware Managed IT Services Dark Data Password Outlook Sales Network Security Virtual Assistant Google Drive Microsoft Office 365 BDR HIPAA Scheduling Facebook e-waste Webcam File Sharing Data Users User Tips Windows 7 Artificial Intelligence Tech Support Bring Your Own Device Websites SSD Samsung Paperless Office Dark Web Authentication G Suite Payment Cards Paper HaaS Maintenance Social Media Google Autocorrect Cortana Paste Plug-In Botnet Yahoo Troubleshooting Training Files The Internet of Things Edge Office 365 Vulnerability Wireless Internet Travel Security Communication Employer Employee Relationship Virtualization Office Cleaning Wi-Fi Employer-Employee Relationship Synergy Authorization Wearables Managing Stress Remote Monitoring Cost Management IT Services Law Enforcement Collaboration Computer Care Technology Email Compliance Internet of Things Miscellaneous Malware User Tip Environment Specifications Instagram Comparison Sports Television Time Management Telephone System Live Streaming Cloud Best Practices Tactics Server Management Emoji VPN Managed Service Provider Cryptocurrency Safety Medical IT Scalability Spyware Threat Data Breach Storage Wireless Display Vulnerabilities Network Attached Storage Tablet News Business Computing Digital Taskbar Worker Communications Database Encryption Personal Information Internet WiFi SaaS Managed IT Service Unified Threat Management Managed IT Server Copy Avoiding Downtime Business Continuity Holiday Congratulations Ink Excel Government Business Risk Management Profitability Productivity Windows 10 Lead Generation Search