How to Protect Your Google Account With YubiKey

If you haven’t added a second layer of security to your Google account, you are more vulnerable than you think. You might think you’re safe if you use SMS to protect your accounts, but even that has its own security concerns when compared to alternative verification options. You can use an authenticator app, which is more secure, but it relies on you entering a multi-digit code every time you sign in on a new device or new app. Instead of copying and pasting numbers every so often just to send a few Hangouts messages, try using a YubikKey. It is a tiny USB stick that acts as a two-factor authentication tool for various services and operating systems. For now, let’s just start by locking down your Google account.

How YubiKey works

YubiKeys are hardware security keys that look like tiny USB sticks (sorry, you can’t store anything on them). Basically, these are one-touch authentication tools that you insert into your computer (or, in the case of a compatible model, tap against your NFC smartphone) to verify your identity. Windows, macOS and Linux support hardware authentication tools, and sites like Facebook, Google, Dropbox and GitHub are also among the 50+ supported services.

It doesn’t have to be the only form of 2FA you use – you should also use a 2FA app whenever you can. You can also link multiple YubiKeys to the same account, so if you have one on your keychain and the other is plugged into your personal or office computer, having both gives you much more security if you lose one. Even if someone steals a key, they won’t be able to access your accounts without a username and password, and you can remotely deactivate keys from already secured accounts using either the second YubiKey or another authentication method.

Protect your Google account first

To set up a security key, you need to dive into the security settings of your Google account. You may already have two-factor authentication enabled (using an app instead of SMS, I hope) or a smartphone set up as a one-touch Google login prompt, but you’ll have to disable the latter to enable the hardware security key. Also, make sure your dongle is not connected to your computer before you start the setup.

To get started, go to your Google account sign-in and security page, where you’ll have the option to customize your sign-in options. Select Sign In to Google, then click Two-Factor Authentication. Scroll down until you see the Security Key option and click Add Security Key.

Follow Google’s instructions: connect, tap and name your YubiKey to link it to your account. After this one-time setup, you will see your YubiKey listed among your two-factor authentication options.

To try it out, sign out of your Google account. When you log in again, after entering your email address and password you will be prompted to tap the YubiKey’s touch sensor to transmit an authentication code – no app required.

Get rid of your SMS authentication

Now that you have an authenticator app and a YubiKey, the two secure methods for authenticating your account, you should ditch the weakest link, which is your SMS verification option. On the Google 2-Step Verification page, click the edit button next to your phone number and select Delete Phone. Your Google account is now free from vulnerable SMS authentication, and is further secured with physical hardware that you can take with you wherever you go (or turn into an incredibly functional fashion accessory).

