Dongles, Security, and Keys: A New but Familiar Tune
November 22, 2018
Part of Google’s new product lineup is the Titan Security Key, selling for only $50. The Hacker News shares more information on the Titan Security Key in the article, “Google ‘Titan Security Key’ Is Now On Sale For $50.” Google first announced the security key at the Google Cloud Next 2018 convention.
The Titan Security Key is similar to Yubico’s YubiKey. It offers hardware-based two factor authentication for online accounts with the highest level of protection from phishing. The full kit offers a USB security key, Bluetooth security key, USB-C to USB-A adapter, and USB-C to USB-A connecting cable. The Titan Security Key is based on the FIDO (Fast IDentity Online) Alliance, U2F protocol and uses Google developed secure element and firmware. It adds another security level on top of passwords, an idea similar to the Tor browser. It is compliant with many popular browsers, email services, social media, and cloud services.
As more aspects of people’s lives migrate online, security is more important than ever. Tools like the Titan Security Key provide an extra level of security at a nominal price:
“According to Google, the FIDO-compatible hardware-based security keys are thought to be more safe and efficient at preventing phishing, man-in-the-middle (MITM) and other types of account-takeover attacks than other 2FA methods requiring SMS, for example. This is because even if an attacker manages to compromise your online account credentials, log into your account is impossible without the physical key. Last month, Google said it started requiring its 85,000 employees to use Titan Security Keys internally for months last year, and the company said since then none of them had fallen victim to any phishing attack.”
The Google Titan Security Key appears to be a simple and cheap way to ensure more security for individuals. One of the problems people face with online security is the lack of understanding, cost, and finding an effective product. Google appears to have created a great solution, but the one problem is that China made the Titan Security Key. China has all the schematics for the device and China is a hotbed for phishing attacks.
Microsoft, another me too outfit, has jumped on the bandwagon for dongles. Microsoft now offers native FIDO key login for Windows 10. What about losing a dongle?
Back to square one?
Whitney Grace, November 22, 2018