A few days ago, Google brought its Google Titan security keys to the USA.
They are small keys with USB, NFC and Bluetooth that, in a nutshell, serve to add an additional security key when accessing our accounts.
They are a two-step authentication system, only that instead of receiving a code in the mobile or in an app.
It consists of inserting a key in the USB port of the computer or connecting it via Bluetooth.
In Techcoderguru we have had the opportunity to access these keys to test them for ourselves, see how they are configured on both PC and mobile phones and how they work in practice.
This has been our experience.
The first thing: what is included and how they are configured
Currently, Google sells a single version of Google Titan security keys.
Namely: a pack with a key with USB A and NFC and a key with Bluetooth, designed for laptops and smartphones.
Also included is a micro-USB charging cable (for the Bluetooth key) and a USB A to USB type C adapter.
This allows you to use the keys on computers without USB A ports.
It is important because the Titan security key with USB type C is not yet for sale.
The size of these keys is reduced.
The version with USB A measures 43.9 x 20.8 x 3.1 mm and the version with Bluetooth 47.3 x 29.3 x 8.3 mm.
Neither weight, they are quite light devices and it is appreciated.
Especially if you plan to add them to the keychain.
The finishes are good and are resistant.
But being frank, the design is not something that matters too much in a product of this category.
The only thing I did not like is that the Bluetooth key has to be charged using a micro-USB.
When the USB type C is the port that is being standardized.
Beyond that, what matters most to us is its compatibility.
On Android phones, it is necessary to have Android 5.0 Lollipop and the latest version of Google Play Services.
For iPhone and iPad, meanwhile, you have to have the latest version of Google Smart Lock installed and use the Bluetooth connection or the NFC.
As for compatible services, it is imperative that these services comply with FIDO standards.
The list is extensive and includes the services of Google, Facebook, eBay, Dropbox, Amazon, Apple, PayPal or Twitter, among many others.
The only way to know if the one we want to protect is compatible is to look for your authentication options in two steps and check if it supports security keys.
The configuration process is similar in all services but varies from one to another.
So it is a matter of following the instructions offered by each platform.
For that matter, we will show how they configured in the Google account and on Twitter.
Because it is not as simple as inserting the key into the USB port and that’s it.
But you have to configure it service by service.
It’s tedious, but once done you won’t have to do it again.
How to configure Google Titan security keys
To configure the Google Titan security keys on Google, the first thing to do is open the browser.
Access the security key registry and log in with the Google account we want to protect.
Choose “Next” and insert the key.
After detection, we press the gold button in the upper area and wait a moment for the platform to recognize the key.
Google will show us a pop-up to “See the brand and model of your security key“.
So click on “Allow“.
Important not to take more than the account, because then the process gets cancel.
Afterwards, Google will recognize the account and will ask us to give the key a name.
For that matter, we will sweep home and call it “Techcoderguru”.
And ready, the key is set and ready to use.
To replicate the process on Twitter, the first thing to do is access this link.
Then activate one of the two two-step authentication systems that are available and are not the keys, see SMS or authentication app.
For that matter, we will use the SMS option, but you can use the one you prefer.
When we have configured the authentication in two steps with the SMS, we return to the previous link and click on “Security key“.
Click on “Start” and enter the security key when we see what you can see under these lines:
When we have inserted it, we press the golden button to recognize it.
Then we do it again to confirm the key as an authentication method.
It will tell us that everything is ready and we can start using the security key.
How to use the security keys on the mobile
These keys are somewhat “layered” in terms of mobile since the applications are compatible with them (Twitter, without going any further, it is not).
Where do they work?
In the web versions of the platforms.
For example, if you open the Twitter app you will enter as usual, without asking for the security key.
If you log out of the app and start it again, the key will not be able to use it.
You will have to resort to the other system that you have configured.
In which in our case was to receive a code via SMS.
However, if you access twitter.com from the browser and log in, you can bring the security key to the back of the mobile (if it has NFC).
Or use the Bluetooth key, which will be used for any mobile.
Remember, always from the browser, not from the apps we download from Google Play and App Store.