888.678.7282    Get SUPPORT

Strata Information Technology Blog

When Is a Phone Not a Phone? When It’s a Security Key

When Is a Phone Not a Phone? When It’s a Security Key

I’d be willing to bet that your phone is within reach at the moment, assuming you aren’t actively using it to read this blog right now. The tendency that people have to always have their phones on them has contributed to these devices becoming more deeply integrated into work processes - including security, via two-factor authentication. For this week’s tip, we’ll discuss how you can leverage an Android device as an added security measure.

For some background, it is important to understand that the Android OS now has FIDO2 certification. In essence, the FIDO (or Fast IDentity Online) Alliance has confirmed that Android meets the standards that the group has set for authentication needs.

So, What Does This Mean?

To make what could be a very lengthy conversation much shorter, it means that an Android device with Android 7.0 or higher and the latest version of Google Chrome installed can be used as a security key for your two-factor authentication needs. This also means that a device supported by FIDO2 (such as an Android device, no word on Apple supporting this yet) can leverage an onboard fingerprint scanner to confirm the identity of a user.

In other words, passwords may soon become a thing of the past.

No More Passwords?

While passwords have long been the standard form of identity authentication, they have also been shown to be somewhat simple for a determined cybercriminal to hack in one way or another. Phishing schemes and stolen databases have exposed millions of user accounts, and that’s not even counting all the times a hacker guessed that someone’s password was “letmein.”

The primary weakness of the password is the fact that it can, in fact, be shared. This is why FIDO2 is likely to become a very popular form of authentication… after all, it’s hard to share a thumbprint. FIDO2 also keeps all sensitive data - like the information read from biometrics - within the device itself, preventing it from being snagged from the Internet.

Perhaps most promising, in terms of a user’s security, FIDO2 will not allow a user to use their fingerprint on web domains and websites that are suspect (or just aren’t secure enough).

Using Your FIDO2 Android Device as a Security Key

As you would imagine, there are a few additional security-centric requirements that need to be met before you can leverage your Android device as a security key for authentication purposes. First of all, you need to have at least Android 7.0 installed, with Bluetooth turned on. In addition to this, you’ll also need the latest version of Chrome installed, and a Two-Step Verification-enabled Google account.

Once you’ve logged into your account, access Security. From there, you can activate 2-Step Verification and, you can set your smartphone to be the key required via a short process.

Using Your Phone to Authenticate Google Sign-Ins

With both Bluetooth and Location enabled on your phone, you’ll be prompted by any Google service you try to access to confirm the sign-in on your phone. By simply pressing Yes on your phone and waiting, you can sign-in to your Google account, confident that it has remained secure.

This kind of functionality is only going to appear more and more often, as more developers adopt the FIDO2 standard.

Are you looking forward to using this new authentication method? Let us know in the comments, and don’t forget to suggest any tips you think that we should cover!

The Biggest Problem with VoIP and How It Isn’t a D...
How Blockchain Will Soon Help All Companies

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Business Computing Best Practices Privacy Managed IT Services Network Security Cloud Hackers Internet Malware User Tips Communications Efficiency Microsoft Data Productivity Business Management Outsourced IT IT Support Cybersecurity Communication Tech Term Backup Smartphones Business Ransomware Windows 10 Hardware Passwords Software Innovation Google VoIP Email Mobile Device IT Services Alert Users Social Media Network Productivity Small Business Smartphone Browser Data Recovery Bandwidth Data Backup Apps Microsoft Office Holiday Phishing Cloud Computing Miscellaneous Collaboration Save Money Hosted Solutions Business Continuity Office 365 Workplace Tips Android Saving Money Data Breach Vulnerability App Twitter Mobile Devices Computer Access Control Internet of Things Gadgets BDR Applications Facebook Employer-Employee Relationship Blockchain Patch Management Remote Monitoring Scam Workers Compliance Wireless Office Cybercrime Net Neutrality Government Personal Information Mobile Device Management Settings Excel Wi-Fi Company Culture Networking Politics Chrome Law Enforcement Connectivity How To Entertainment Recovery Website Remote Monitoring and Management Education Maintenance Password Upgrade Retail Vendor Management Spam Computers Paperless Office BYOD Managed IT Service Voice over Internet Protocol Healthcare Automation Managing Stress SaaS Dark Web Managed Service Virus Telephony Information Data Security Word Windows Antivirus Virtual Assistant Value Marketing Medical IT Staffing VoIPSavings Licensing Voice over IP Managed IT Amazon Smart Technology Proactive IT Budget E-Commerce Email Management Tech Terms Authentication Health Botnet VPN Bring Your Own Device Printer Training iPhone Hiring/Firing Employer Employee Relationship HaaS Printer Server Data loss Gadget Eliminating Downtime Telephone System WannaCry HP Biometrics GDPR Time Management Update Travel Encryption Business Intelligence Payment Sales Battery Data Management Streaming Media Authorization Employees Physical Security Technology Tips Hybrid Cloud Customer Service Security Cameras WiFi Automobile Cleaning Printers Synergy Staff RAM Current Events Shortcut Wireless Internet HIPAA Document Management Database Leadership Access Storage Router Content Filtering Downloads Technology Efficiently Live Streaming instant Messaging Tablet Yahoo Solid State Drive Files Backup and Disaster Recovery Cables Telephone Systems Data Protection Computer Care Websites Microsoft Teams CrashOverride Help Desk Remote Support Hard Drive Hard Drives Tactics Error Human Resources Gmail Artificial Intelligence Trends Outlook WhatsApp Wireless Charging e-waste Disaster Recovery Regulation Vulnerabilities Knowledge DDoS Troubleshooting Hard Disk Drive SSD Two-factor Authentication Remote Control IT budget PowerPoint Gaming Console Dark Data Certification Processors Avoiding Downtime Digital Internet Explorer Analytics Touchscreen Employee-Employer Relationship A.I. Scalability Phone System Lead Generation disposal Reporting Cryptocurrency Comparison VoIPMyths Video Emergency Inventory Plug-In Tech Support Cortana IT Management Sports Video Games Google Maps Electronic Health Records Unified Threat Management Dongle Worker Mobility Apple Edge Threat IaaS Microsoft Office 365 Safety Movies Credit Cards The Internet of Things Profitability News Managed Service Provider Cost Management Spyware Television Information Technology Multi-Factor Security Specifications OneNote Mobile Security Paste Business Technology Competition Remote Computing Customer Relationship Management Laptop Printing Unified Communications Big Data IP Address Conferencing Managed IT Services eCommerce Fun Operating System Network Attached Storage Telecommuting Paper Mobile Office Chrome OS Domains Online Shopping Environment Server Management Quick Tips Millennials Autocorrect Wearables Virtualization Ink Public Speaking Search Scheduling Google Drive Presentation IT Support Hosted Solution File Sharing Server User Tip Emoji Lithium-ion battery Machine Learning Augmented Reality Instagram Wireless Technology 5G Money Copy Spam Blocking User Security Samsung Tip of the week G Suite Windows 10 IBM Telecommute VoIP Hacker Windows 7

Newsletter Sign Up