Google Titan Security Key Prevents Phishing Attacks

Phising is a social engineering method that aims to trick users into giving their passwords. This can normally be mitigated with things called “brain” and “paying attention”, but since we are all humans mistakes may happen on a bad day.

Even Google employees who should be tech savvy fell for the tricks from time-to-time, so Google made employees use 2-factor authentication with a  hardware security key since January 2017, and none of Google workers failed for a phising attack since then.

CNET was provided with a sample of Google’s “Titan Security Key”, which comes in both USB and Bluetooth/NFC versions, and will be available for sale in Google’s online store within the next few months.

Google Titan Security Key
Bluetooth (left) and USB (right) versions of Google Titan Security Key

The full technical details have not been provided for the key, but we do know Titan Security Keys support FIDO protocol, and are built with a secure element and a firmware written by Google that verifies the integrity of security keys at the hardware level.

The keys are said to be compatible with Chrome browser, and beside Google’s website, it also work on GitHub, Facebook, Dropbox, and several other websites. FIDO Universal 2nd Factor (U2F) devices  are also supported in Firefox and Edge, so I’d assume Google key may still work with those browsers too. Windows 10 and Linux distributions are also listed as supporting this type of devices. Hardware security keys like Yubikey NEO have been around for a while, but their use has not really taken off among users.

The Titan security key will cost $20 to $25 each, but you’ll also be able to purchase a bundke with both the USB and Bluetooth versions for $50, which does not make any sense, unless at least 3 keys are provided in the bundle.

Via XDA Developers

Share this:

Support CNX Software! Donate via PayPal or cryptocurrencies, become a Patron on Patreon, or buy review samples

Subscribe
Notify of
guest
The comment form collects your name, email and content to allow us keep track of the comments placed on the website. Please read and accept our website Terms and Privacy Policy to post a comment.
6 Comments
oldest
newest
John S
John S
3 years ago

Looks like the same design as Feitan ePass and MultiPass keys, I wonder if they manufacture these (or if it’s even the same hardware just with different firmware). Feitan’s hardware is availble in both USB+NFC and USB+NFC+BLE variants in those same two cases. The Feitan-branded U2F keys are $17 and $25 on amazon, though they were something like $8 and $16 in the past with a long running automatic coupon. Maybe it was an introductory offer.

I’ve never been able to get BLE U2F to work, personally.

MagicMonkey
MagicMonkey
3 years ago

Some news articles on the internet state that software is written by Google.

Looking at Feitan website it looks like you could order your-company-branded versions of their products.

I love FIDO2 with fingerprint reader dongle with USB-C on their website, but sadly you cannot buy that.

Anonymous
Anonymous
3 years ago

These appear to be rebadged Feitian products.

https://www.ftsafe.com/products/FIDO

Tired8281
Tired8281
3 years ago

I have the original version of the Bluetooth/NFC/USB key (branded Feitian), and it’s actually really awesome. If a device has NFC, I can just tap it. If it’s a device with Bluetooth that I use a lot, I can pair it and use it wirelessly. For everything else, it has microUSB (for which I always carry a cable in my pocket to charge my phone). It seems to never run out of battery…I’ve never charged it, I actually think it gets enough charge just from the few times I connect it via USB to use it. If this Google version… Read more »

theguyuk
theguyuk
3 years ago
Advertisement