Home Android How to use your Android Phone as a Security Dongle for two-factor...

How to use your Android Phone as a Security Dongle for two-factor authentication

If you own a Pixel 3, there’s a small bonus, too.

Google has enabled a two-factor authentication: using your phone as the near equivalent of a physical security key.

You should already be familiar with two-factor authentication: two-factor authentication is a way to prove that you’re the person you say you are. For example, you call to your bank and the bank ask you some questions that only you know in order to prove that you’re the person that is calling. Something like this is two-factor authentication.

Another way is that you setup your phone number as a two-factor authentication by sending you an SMS in order to receive a code that only you can receive in your phone to know that you are you said you are.

Google’s new use of an Android phone as a “hardware dongle” is almost, but not quite, the same. Instead of sending a notification to an app on your phone—which an attacker could access if you lost the phone and they knew your PIN code—the website or service tries to connect to your phone via Bluetooth. Google’s new 2FA method doesn’t require a dongle to be physically inserted into a PC, but since Bluetooth’s range is relatively short, the odds of an attacker accessing your unlocked phone while remaining physically near your PC are relatively low.

Otherwise, the way in which this two-factor authentication works should be familiar: You log in, the service sends a “Are you trying to sign in?” request to your phone, and then you confirm that yes, it’s you. Right now, Google’s new authentication is confined to its own services like Gmail and G Suite, and requires a phone running Android 7 or above. There’s no indication of this being tied to WebAuthn to enable 2FA on websites, though.

Google’s security page details the steps that are required:

  1. Enable two-factor authentication, if you have not already, on the web service in question.
  2. On your Android phone, go to myaccount.google.com/security.
  3. Under “Signing in to Google,” select 2-Step Verification.
  4. Scroll down to “Set up an alternative second step.”
  5. Select Add Security Key > Your Android phone > Turn on.

There is one bonus for users who own a Pixel 3: Instead of actually requiring you to unlock your phone, you can (optionally) just tap the volume-down button to confirm the authentication request.

Richard Sabinohttp://itspecialistdr.com
I like to share Information Technology News and how-to tips with all the people around me. I created this blog to reach the most people I can.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Must Read

Microsoft Azure Virtual Training Day: Fundamentals

(adsbygoogle = window.adsbygoogle || ).push({}); Today we're...

Eliminate background noise from conference calls with Krisp for free

Krisp is an AI-powered filter that virtually eliminates background noise, letting your work-from-home experience be a little more pleasant and professional.

Microsoft is offering free certification voucher

(adsbygoogle = window.adsbygoogle || ).push({}); If you have been desiring to...

How to share your Calendar in Outlook with someone else

(adsbygoogle = window.adsbygoogle || ).push({}); Have you ever been struggling in...

A San Francisco church file a lawsuit against Zoom claiming the company is failing to protect users

An online Bible study session has been victim of Zoom-bombing which led this San Francisco Church to file a lawsuit against Zoom...

Google removed 813 creepware apps from the Android Play Store

(adsbygoogle = window.adsbygoogle || ).push({}); NortonLifeLock and researchers from the New...

Microsoft stopped the release of Windows 10 32-Bit Build for new PC

(adsbygoogle = window.adsbygoogle || ).push({}); There are signals that Microsoft is...