Google turns your Android phone into a security key
https://techcrunch.com/2019/04/10/google-turns-your-android-phone-into-a-security-key/
Your Android phone could soon replace your hardware security key to provide two-factor authentication access to your accounts. As the company announced at its Cloud Next conference today, it has developed a Bluetooth-based protocol that will be able to talk to its Chrome browser and provide a standards-based second factor for access to its services, similar to modern security keys.
It’s no secret that two-factor authentication remains one of the best ways to secure your online accounts. Typically, that second factor comes to you in the form of a push notification, text message or through an authentication app like the Google Authenticator. There’s always the risk of somebody intercepting those numbers or phishing your account and then quickly using your second factor to log in, though. Because a physical security key also ensures that you are on the right site before it exchanges the key, it’s almost impossible to phish this second factor. The key simply isn’t going to produce a token on the wrong site.