Google improves two-step verification by turning your Android phone into a security key

screenshot-www.phonearena.com-2019.04.11-21-50-10.jpg

Google seems to be putting more effort than ever into keeping Android users safe and sound against both potentially harmful applications and good old fashioned hackers. At the same time, traditional passwords are gearing up to go the way of the dodo, making space for more sophisticated methods of authentication, and now two-step verification is taken to the next level of convenience with a simple new feature.

This is all part of the search giant's grand plan to make our digital lives safer and easier, as the latest technology unveiled yesterday essentially makes physical security keys obsolete. That's because any Android phone running OS version 7.0 and up can basically become a security key now to add an extra layer of protection to your Google Account sign-ins.

Of course, two-step verification (or 2SV) has been around for a long time, allowing users to strengthen their passwords with things like text message codes and push notifications. While that's definitely preferable to using no second verification step to log into your account, it's also pretty vulnerable to modern phishing attacks. The same goes for your actual password, which is why you should absolutely buy a physical security key if you're worried about hacks... or simply use what you already have in your pocket to protect your account.


To turn your phone into a security key, you obviously need to add your Google Account to it first and foremost, then activate the 2SV feature. After accessing your security settings, you'll find an option to "set up an alternative second step", which will then allow you to easily enable your Android phone's newly added security key capabilities. Once that's done, trying to sign into your account using the Chrome browser on a computer with its Bluetooth support activated will send a notification to your handset (which also needs its Bluetooth and location services to be enabled).

The idea is you'll have to keep the phone close to the computer when verifying the sign-in process by following a few simple instructions, which will make account phishing practically impossible. That's such a neat and straightforward way to boost your online security that we're amazed it's taken Google this long to roll the feature out. And mind you, this is still a beta program, so we may have to wait a little longer until it becomes 100 percent reliable. It would also be nice if the company added support for other browsers in the near future.