[ad_1]
Google has introduced the Titan security key during its Google Cloud Next convention & # 39; 18, a physical USB device that eliminates the need for password protection. enter user names and passwords. The FIDO-based device includes a firmware developed by Google engineers that checks its integrity, so that you can connect to your favorite sites without worry. It is available now for Google Cloud customers followed by full availability "soon".
"We have long advocated the use of security keys as the strongest and most phishing resistant authentication factor for high-value users."
Google's key is based on the FIDO U2F protocol, abbreviation for "2nd universal factor." Borrowing from the concept of smart card, simply insert the key into a USB port or press it against an NFC-compatible smartphone. line (or update your existing security preferences), your PC will create two encrypted tokens: one public and one private.
Later, when you connect to the account, the service containing the public token will send a "challenge" asking you to touch a button on the key, thus unlocking the private token for verification.There is no personal information sent over the internet, and the private token used to unlock the service remains unregistered.
Google and Yubico initially developed this protocol with the support of NXP but now maintained by the FIDO Alliance. Yubico already offers its YubiKey series for desktops and mobiles, like YubiKey 4, which supports multiple protocols, YubiKey NEO, compatible with Android, and the security key with immediate support for Gmail, Facebook and more. [19659003] That said, Google's new Titan security key will be in direct competition with Yubico's products. The difference is that one of Google's models will rely on a Bluetooth Low Energy component, a standard that Yubico helped build but decided not to use because "it does not meet our standards of security, usability and sustainability ". does not offer the same level of security as NFC and USB.
There is no information on the manufacturer of Titan Security Key, but Google plans to sell USB and Bluetooth bundle models for $ 50 or separately for about $ 25 each – maybe in the range of less than $ 10 in the future. In addition, the Titan security key will have nothing to do with Google's Titan chip used to protect cloud-based servers.
"Titan Security Key gives you even more peace of mind that your accounts are protected, with the assurance of Google affirming the integrity of the physical key," says Google.
Although smartphones are good for two-factor authentication, SMS messages can be intercepted.Furthermore, if your smartphone is lost or damaged, it takes your private keys with it.A USB stick can also be damaged, but it can hang on a keychain and does not require a network connection.By Google, the Bluetooth model can remain active for six months with a single charge
Google will initially target customers who need the most security key Titan: Journalists, Business Leaders, Politicians, etc.
Source link
