ISSUE 62 • ANDROID ADVISOR 95FEATUREHow it works: When an account requests 2FA
verification, you’ll need to plug your security key into
your phone or PC’s USB-C port or (if supported) tap
it to the back of your NFC-enabled phone. Then, it’s
only a matter of pressing the button on the key to
establish the connection and you’re in.
How secure it is: Extremely. Since all of the login
authentication is stored on a physical key that is either
on your person or stored somewhere safe, the odds of
someone accessing your account are extremely low.
To do so, they would need to steal your password and
the key to access your account, which is very unlikely.
How convenient it is: Not very. When you log into
one of your accounts on a new device, you’ll need
to type your password and then authenticate it via
the hardware key, either by inserting it into your PC’s
USB port or pressing it against the back of an NFC-
enabled phone. Neither method takes more than a
few seconds, though, provided you have your security
key within reach.
Google Advanced Protection Program
What it is: If you want to completely lock down your
most important data, Google offers the Advanced
Protection Program for your Google account, which
disables everything except security key-based 2FA. It
also limits access your emails and Drive files to Google
apps and select third-party apps, and shuts down web
access to browsers other than Chrome and Firefox.