For the past few years, it has become very easy for hackers to steal our data using our e-mail logins. The recent WannaCrypt has proved that a simple script could lead to huge disasters. Although it was ransomware, it had the ability to delete a wholesome of data if the ransom isn’t paid. Besides, there are other techniques hackers use to steal our data, and the most common one is ‘Phishing’. Haven’t we all got emails that asked us to ‘login to certain accounts as someone tried accessing it or reset password’, but the email sender isn’t the official one? Well, that’s a phishing attack.
Most of us use a common password for all our logins, and in fact, doesn’t even enable 2-factor authentication. This could definitely do some serious damage to our assets both online & physical. Although there are ways to protect our personal data but as said, hackers are using sophisticated methods in preparing the phishing scripts [emails] which looks exactly like the original. Even the 2-factor authentication can be bypassed and here’s a story on how hackers bypassed Gmail 2FA.
Recommended: Is Password-less Login possible?
Well, there’s one way Google & other big firms suggests, and it’s to use physical security keys. Google is already selling Titan Security Key bundle which is based on FIDO standards and is termed as to be the best protection to phishing attacks. It costs some $50, but here’s something that can be used as an alternative to a physical security key. It’s turning your Android Phone into a security key itself. On its recent blog article, Google has stated that Android phones running on Android V7.0 and above can try out this method, and for now it’s in the beta stage. Here’s how you can try it out –
How to Turn Your Android Phone as a Security Key
- Basically, you need an Android phone running on Android v7.0 and up, a Chrome browser running on Mac OS X or Windows 10, and an active Bluetooth connection on both sides.
- In addition to that, you should enable 2FA on your Google/Gmail account.
- All you need to do is to visit the 2FA page from your computer, and click on ‘Get Started’
- If you scroll down, you will be able to see an alternative setup for 2FA which acts as a backup. Here you will see > Authentication App & Add Security Key
- Click on the ‘Add Security’ option and you will be given two options
- One of them is your active Android phone which in my case is showing as Samsung Galaxy Note 9, and the other is to add an external physical key. Select the Android Phone and ‘add it as a security’
Well, that’s it. You’ve successfully turned your Android phone as a security key. Note that there should be an active Bluetooth connection while you log in to your Google account, and it’s always recommended to back up the security keys on to external physical security bundles.