Sun. Sep 20th, 2020

Google allows iOS devices as Google security keys for 2FA

2 min read

Earlier, Google announced a cooperation agreement with the FIDO certification alliance, which can turn Android devices into physical security keys and then use them for multi-factor authentication login.

On the Android platform, this function can call biometrics such as facial recognition or fingerprint recognition, and provide a passwordless quick login experience for all supported websites.

Now, this feature has been gradually extended to the iOS platform, but due to restrictions, it only supports users to authenticate when logging in to their Google account through an iPhone or iPad.

Google has now updated the Google Smart Lock for iOS version, which is equivalent to the iOS password string on the Android platform and can be used to save passwords.

iOS Google security keys

On the iOS platform, it is a multi-factor authentication tool specifically for Google accounts. When you log in to your Google account, you need to confirm with the app before you can log in.

In this way, even if the password is leaked, the attacker cannot directly login to the user’s Google account, so it is necessary to configure multi-factor authentication from a security perspective.

Download and install Google Smart Lock for iOS from the App Store, then follow the prompts to log in to your Google account and turn on notifications and Bluetooth.

After the binding is completed, when you log in to your Google account through Google Chrome, you need to enter the account number and then the password. Then Google will send a notification to the device via Bluetooth.

After receiving the notification, you need to manually click Allow to log in to your Google account. This feature is relatively more convenient than generating a verification code with our commonly used authenticator.

Of course, the biggest problem with using the device as a physical security key is that the device must be with you. If it is not within the Bluetooth range, it cannot be successfully verified.

Via: 9to5google