Protect your online accounts with Titan Security Keys
Phishing—when an attacker tries to trick you into giving them your credentials—is a common threat to all online users. Google's automated defenses securely block the overwhelming majority of sign-in attempts even if an attacker has your username or password, but we always recommend you enable two-step verification (2SV) to further protect your online accounts.
There are many forms of 2SV—from text (SMS) message codes, to the Google Authenticator app, to hardware second factors like security keys. And while any second factor will greatly improve the security of your account, for those who want the strongest account protection, we’ve long advocated the use of security keys for 2SV.
Today, we’re making it easier to get a security key by making Google’s own Titan Security Keys available on the Google Store.
Titan Security Key
Titan Security Keys have extra “special sauce” from Google—firmware that’s embedded in a hardware chip within the key that helps to verify that the key hasn’t been tampered with. We’ve gone into more detail about how this works on the Google Cloud blog.
Titan Security Keys work with popular browsers (including Chrome) and a growing ecosystem of services (including Gmail, Facebook, Twitter, Dropbox and more) that support FIDO standards.
Getting started
It’s easy to get started with Titan Security Keys. Kits of two keys (one USB and one Bluetooth) are now available to U.S. customers on the Google Store and will be coming soon to additional regions.
To set them up with your Google Account, sign in and navigate to the 2-Step Verification page (see detailed instructions on our help center). Titan Security Keys are also compatible with the Advanced Protection Program, Google's strongest security for users at high risk. And Google Cloud admins can enable security key enforcement in G Suite, Cloud Identity, and Google Cloud Platform to ensure that users use security keys for their accounts.
For more information, visit our website or read our detailed post on Google Cloud.