For $50, you can purchase the security keys Google staffers use to protect their online security. According to Google, these keys are the strongest, most phishing-resistant method of 2-step verification built to the FIDO open standard.
“Security keys are appropriate for any security-conscious user, and we recommend that all users, especially high value ones such as IT administrators, consider authenticating via security keys,” explained Christiaan Brand, Product Manager, Google Cloud.
Traditional 2-step verification works by using SMS codes or authenticator apps. Google’s Titan Security Keys offer stronger security by requiring users to have the key with them in order to sign into their account.
They’re also compatible with Google’s Advanced Protection Program, which helps to protect users who are at high risk of online attacks.
As you’d expect from Google, Titan Security Keys feature “special sauce” by embedding firmware in a hardware chip within the key.
“This firmware is sealed permanently into a secure element hardware chip at production time in the chip production factory,” Brand said. “The secure element hardware chip that we use is designed to resist physical attacks aimed at extracting firmware and secret key material.”
You can purchase a Titan Security Key bundle through the Google Store (only for U.S. users for now), which includes a USB security key and a Bluetooth security key.