Skip to main content

Protect your Google Accounts with a USB Security Key



Most big-name web services like Gmail, Microsoft, Evernote, WordPress and Dropbox now support 2-step authentication to improve the security of your online accounts. Once you enable two-factor authentication, a malicious person will not be able to log into your online account even if they know the password – they’ll need access to your mobile phone as well to get in.
The verification codes required for logging into a 2-step enabled account can be generated either using a mobile app – like Authy or Google Authenticator – or you can have them sent to your mobile phone via a text message or a voice call. The latter option however will not work if the mobile phone associated with your account is outside the coverage area (like when you are in a foreign country).
There’s another option that makes the process of logging into a 2-factor enabled account Google less cumbersome. Instead of generating the verification codes on a mobile phone,  you can use a hardware based authenticator that can be inserted into a USB port on your computer and you’ll be signed-in automatically without having to hand-type the digits.
The option works for both Google and Google Apps accounts and you don’t even need the mobile phone

Google 2-factor Authentication Simplified

I am using the least-expensive Yubico key though there are more options to choose from. The first stop is to associate the USB security key with your Google Account. Go to myaccount.google.com, click on 2-step verification and then switch to the Security Keys tab. Here click the Register Device button and then insert the USB key into the computer to attach it to your account.
Once registered, you can use your USB security key to log into your Google Account from any other desktop or laptop computer without requiring the mobile phone. Simply open the Google login page, type in your username & password, click the Sign-in button and then insert the USB key. The lights will blink on the device, you need to tap it once and it will instantly log you into the account. Internally, the key generates the codes that are sent to Google servers and you are logged in.
The USB security keys require no software and they are compatible with Windows, Mac, Chrome OS and Linux computers. They need no batteries, they are tiny like a regular USB thumb drive but also rigid. You can also associate multiple Google Accounts with the same USB key which can be a huge timesaver for some users.
USB Security Keys make 2-factor authentication painless but you can only use them inside Google Chrome on desktop and laptop computers. You’ll still have to rely on SMS messages, or the authenticator app, for logging into Google on your mobile phones or in browsers like Firefox and Opera

Comments

Post a Comment

Popular posts from this blog

Now you can breathe liquid!

DIVE DEEP The recommended absolute limit for recreational SCUBA divers is just 130 feet, and technical dives using Trimix bottom out at 330. Even then, you’ve got less than five minutes at depth before requiring monitored decompression to avoid getting the bends (the not-scary word for when nitrogen dissolves into your tissue under the massive pressure of the water column, is ejected into the bloodstream during ascent, and you die of a brain embolism). Interestingly though, once your body hits its nitrogen saturation limit, it doesn’t matter if you stay down for an hour or a month; your decompression time effectively maxes out. This technique, known as saturation diving, is how recovery divers working on the K-141 Kursk were able to spend hours 300 feet below sea level (amidst 10 atmospheres of pressure) and how the crew in The Abyss were able to do their jobs. LIQUID AIR Perhaps the best-remembered scene from the 1989 Sci-Fi classic The Abyss is when Ed Harris’ chara...
Post a Comment
Read more

Don’t like people to know you’ve read their Whatsapp messages? Here’s how to get around it.

The honor of having one of the most misinterpreted features in the world of tech startups goes to Whatsapp – specifically, the check marks that appear next to any message sent. Many initially guessed that two check marks meant that the recipient has already read the message, but that turned out to be incorrect Here’s what those check marks really mean: one tick to show that the message has reached Whatsapp’s servers, another to inform the user that it has reached the recipient’s phone. Now, there’s a third layer of information in the form of blue check marks, indicating that the recipient has indeed read the message. In the interest of privacy, Whatsapp had not so long ago introduced the option to hide the ‘last seen’ notification that informs the other party when that person was last on the messaging platform. The introduction of the blue check marks is strange, given that this brings back the social pressure to reply – what many users consider an intrusion of privacy. ...
Post a Comment
Read more

Can I determine if my computer has a key logger installed? – YES!!!

Detecting keyloggers is as simple as looking in the right place (which may or may not be simple depending on your viewpoint). The problem is knowing what to look for and where. What follows is a non-exhaustive few things you could do to check for keylogging modules. Firstly, the obvious easy way to build a keylogger is to use DLL Injection which can be achieved a number of ways. Most of these will result in a DLL showing up as mapped to the process’s address space. Take a look at this picture: What is the topmost entry in that list? It’s a pyd , or python extension, file. I’ve been messing with python-implemented COM servers and as a result, the DLL is loaded into Windows Explorer’s address space. DLL Injection of the keylogging variety will load its DLL into all of the target address spaces – can’t capture everything if you don’t. So one thing to look out for would be strange DLLs you cannot attribute to products whose purpose you know. They’ll show up in this list for...
Post a Comment
Read more