If you are travelling a lot or simply want to enhance your security, a FIDO U2F security key is the best security device to get. Here’s how it works
Why Physical Devices Better Protect You
As someone who owns an email address (who doesn’t) you receive all sorts of spam every day and some from trusted parties, but what if someones manages to send you an email from an IDN domain that looks exactly like your favorite service? Known as homograph IDN attack (due to the similar look of the name), some emails are not as harmless as they look and even the most advanced users may fall victim to it. Therefore it is better to protect your accounts with a physical key. The FIDO U2F key is the latest introduction in a fight against never-ending spam and phishing attacks.
Let’s Set It Up
1. Step Order one from Amazon.com FIDO U2F Security Key
2. Step The key doesn’t look like a regular USB device, but it is a fully USB compliant key. Once you plug it in, the blue LED will blink, if it doesn’t you inserted it incorrectly.
3. Step Log into your Google account that you want to secure and head over to the following page (https://security.google.com/settings/security/securitykey/add?pli=1)
4. Step Unplug the key and then plug it in again, you need to press the key button:
5. Step It should now be registered, click done
6. Step You will now see a list of added keys and the times you logged in and from where. Neat!
Verify It Works
7. Step Open a browser that is currently not recognized by Google or if you use Chrome create a new account using the account switcher
8. Step You should now get a message that confirms that Google detected your key and you need to tap it.
A Timeout Occurred While Waiting For A Security Key
If you get the error “A timeout occurred while waiting for a Security Key to be inserted or tapped.” then you waited to long. Simply press the button on your key as outlined above.
1. Step Click Retry
2. Step Tap your key
3. Step You will be logged in automatically
4. Step The next time you log in you will no longer be asked to tap unless you are signing in from a browser that Google does not recognize
Question: Can I Use The Security Key To Secure Multiple Google Accounts?
Yes, that is possible. However, see my notes below
What services support FIDO?
Right now not a lot of services support FIDO U2F keys, but I am happy that Google does. Although 2-factor authentication using Authy or SMS codes is nice, a physical device is much better. Why trust a program like Authy that can easily be read from your memory or exploited via phishing.
Tips For Using Your FIDO U2F Key
The FIDO U2F key is a useful addition. However if you frequently clear cookie or switch browsers, you have to tap the device frequently. If you have multiple Google accounts, you may not want to add the device to each account and leave some accounts unsecure, e.g. your entertainment accounts. Work-related, school, office accounts should be secured.