Many of our online accounts now come with an extra functionality with two factors (2FA) that help keep our data safe. This essentially means that no one could access the account until a specific set of requirements was met. It can be a combination of a password with a security key or even a password with some form of biometrics, such as a fingerprint or a face scan.
To be more specific, most 2FA systems require a combination of two things before you can log in: something you know and something you have. Your password works as "something you know" and Google now has a system where your phone can serve as "something you have" when you sign in to Google services on your computer. Once configured, unless a potential attacker had physical access to your phone in addition to by knowing your password, they could not log in.
It was just announced that you can now use any Android phone to secure your Google Account using what they call the 2-step verification system (2SV). This can be considered as a form of the 2FA method as mentioned above, as it requires two separate factors. The newly added functionality for their 2SV means you no longer have to carry a separate security device to protect your account.
First, enable Bluetooth on your computer. If your computer was not provided with Bluetooth functionality built-in, can buy a Bluetooth dongle from Amazon for as little as $ 8, so just put it in a USB port on your computer to Add Bluetooth functionality. 19659002] To enable Bluetooth on a Windows 10 PC, go to the Start menu (click the Windows icon in the lower left corner) and then click Settings Gear. Then select "Devices", and then make sure the switch connector under "Bluetooth" is turned on.
For Windows 8 users, move your mouse pointer to the lower right corner and several icons will begin to appear ("Charm Bar") . Move your mouse up to reveal Charms, then click "Settings." Go to Change PC Settings> Wireless> Wireless Devices From Here, then enable the Bluetooth switch.
If you are on Mac, click the Apple icon at the top left of any screen and then select "System Preferences". Then the "Bluetooth" menu opens and then click the button labeled "Turn Bluetooth On." If this button says "Turn Off Bluetooth Off" instead, Bluetooth is already enabled and you don't need to change anything.
For Chrome OS users, just click on the time in the lower right corner and then select "Bluetooth". If the switch is off, activate it at this time.
Step 2: Enable Bluetooth & Location on Your Phone
Now turn down the top of the phone screen to expand the Quick Settings menu, then press Bluetooth to switch on the feature if it is not already enabled. Alternatively, search the phone's main settings app for the word "Bluetooth", and then rotate the changer from there.
Next, go to the phone's main settings app and open the "Location" menu. If you cannot see this menu in the main settings list, use the search function at the top of the screen to type "Location" and then tap the top result. Then the switch is activated at the top of the page to ensure that location services are turned on. This is required to ensure that the phone is physically close to the computer when you log in.
Note: Bluetooth and location do not have to be all the time just when you log in to your account. Both your computer and phone must have these active to identify the location and confirm that the signup attempt is genuine. Once you are logged into your account, you are welcome to turn them off at your option.
First, add your Google Account to the phone you want to use as a security key. If you have not already done so or have multiple accounts you want to secure on a particular device, you can easily add them by going to this menu:
Settings> Accounts> Add Account> Google
The above location is where you can find everything you need to add a new account to your device. Follow the on-screen instructions to sign in with one or more Google Accounts, then you are fully set to this part of the process.
Now that I have a Google Account situation taken care of with a trusted Android phone of your choice. You need to enter your account in the Google 2SV system (again, if you haven't already). It's a simple process that doesn't take you very long to create at all and it will be worth the extra layer of security.
Go to the link below and click or click "Get started". Sign in with the same Google Account you signed into your phone and follow the on-screen instructions and you'll be on your way to protecting your account.
When you're done, leave the window open for your 2FA settings because you need to jump back into them in the next step. You have now created your trusted Android devices and will then be notified of each device each time your account is logged in. On this message, you can grant access if you recognize that you are logging in or denying access to protecting your account from a malicious login attempt.
Before locking your account by turning your phone into a physical security key, take some time to generate 2SV backup codes if you don't already have it. These act as a stand-in for your phone, if lost or stolen – in other words, you can enter one of these random sets of numbers in the sign up prompt if your phone fails to lock your account for any reason.
To do this, go to Google's 2SV Settings Page, click "Get Started" and sign in, and scroll down to the Setup Alternate Second Step section and click on the "Setup" button under the heading "Security codes".
You will now be presented with a list of ten 8-digit codes. Be sure to copy them down and keep them in a safe place – the best way is to write them on a piece of paper and store this piece of paper in a safe place, because if you save them as a digital file, you will be open to remote hackers which defies the purpose of using a physical device as a 2FA security key.
Step 6: Add your phone as a security key
Now that you've got your 2FA security system set to Android, assign it a security key to use to sign in to your account on a computer.
To do this, open the Google Chrome web browser and then visit your 2SV account settings on Google. 19659002] When you are there, scroll down to Configure Alternate Second Step and then click "Add Security Key" to start. Select the Android device you want to use as a trusted source to secure your Google Account on the next screen, then click "Add" and end things by clicking "Done".
Step 7: Unlock your account with your phone
Now you've locked your Google Account with a proper 2FA security system. It's time for you to test it on your computer and see how it works.
Log out of your Google Account in the Chrome browser on your computer if you need to try logging in again with your login and password. Once you have entered your password, you will be presented with a new screen asking you to "Check your phone."
Make sure both Location and Bluetooth on your phone are enabled to check for the nearby device. When it recognizes your trusted device, it sends you a message to that device. Tap "Yes" to confirm that you are trying to sign in to your account right now, then it starts connecting to your computer for verification. Once it has been verified that the login attempt is authentic, you will be logged into your account the same way!
If you have a Google Pixel 3 or 3 XL, do not press the "Yes" button to confirm your registration attempt Confirm it instead. This is because these phones have a Titan M security chip built right into them. Keeping the volume down key triggers this chip to approve the login attempt for an additional layer of built-in security, and it also protects against potential malware apps that could "hit" the "Yes" button using software hacks.  However, in our test this does not seem to work yet. We expect it to require an update to Google Play Services or a similar core system app, but expect this new method to work on Pixel 3 at some point in the near future.
Potential Questions and Concerns
Does this work for all your online accounts or just your Google -account?
right now This only works with your Google Account or when you access all Google services such as YouTube or Google Play. I'm sure Google will eventually expand into this and allow other websites and services to use this feature, but it is much too early to tell at this time.
Does this work with other web browsers other than Google Chrome?
The simple answer is no, not right now at least. Google Chrome is the only browser that supports this feature at this time, but as time goes on, I'm sure Google will expand it to other popular browsers as well. Because Chrome is already the world's most popular and widely used web browser on the market today, it really shouldn't be a problem for most people.
What if you can't get your phone to confirm the connection to allow you to sign in?
It may not work completely for all users ever since the new method of using your phone as a security key is still in testing, but expect an update to Google Play Services on your phone to address this once soon. Also make sure location and Bluetooth are enabled on your phone and just Bluetooth enabled on your computer. These are needed to connect the two works.
If all else fails, click "Cancel" on Check your phone 2FA prompt when you log in, and then select "Try Another Way" on the login page. Then, select "Enter one of your 8 digit backup codes" and then enter one of the codes you generated in Step 5 when prompted.
What if you lose access to your trusted devices and get locked out?
Google offers many different alternative options if you do not have access to your trusted devices. If all else fails, one of the best ways to make sure you are never locked out of your account is to use your backup codes. To do this, click "Cancel" at the prompt when you are prompted to check your phone, then select "Try another way" on the login page and select "Enter one of your 8-digit backup codes . "
How is this other than Google's old "Use your phone to sign in" prompt?
For years, Google has allowed you to use your phone as "something you have" aspect of 2FA when you sign in to your account on another device. This worked the same way as the new method of using your phone as a security key, but with a big exception: when you dropped "Yes" to the old prompt, Google did not confirm that your phone and the device you are logging into into was in the same physical proximity. This old system was completely web-based, but since the new system uses Bluetooth and location services, it can verify that the two devices are physically close together, reducing the chances of a remote control hack.
Don't miss: The best phones for privacy and security