5/30/2023 0 Comments Titan 2fa![]() ![]() ![]() The phone as a security key (PaaSK) standard was announced at Google Cloud next 2019 and instead of having an external Titan Security key to hand, all that would be required is to unlock your Google account-linked Android device and press a button to approve the log-in in real time. Most recently, Google announced that a new form of its Titan Security keys (opens in new tab) would be made available to all Android phones running Android 7.0 or later, with its line of Pixel phones getting a slightly more secure version too. "However, there is no such thing as perfect technology, so I'm glad Google is taking the initiative and recalling these keys." "From a technology perspective, these keys are amazing they make security a lot easier to consume", he added. "In addition, lots of people conduct business in public places like coffee shops and airports, so connecting a dongle to a device isn't that farfetched." ![]() "The fact you must be within 30 feet of the security key isn't an issue, especially when you consider how fast compiled and scripted software can run," said Mark Miller, director of enterprise security support at Venafi. ![]() It could be argued that a situation where an attacker that has your account credentials, knows you use a Titan key and is within 30m of your location would be unlikely to occur, but it's still serious enough to prompt Google into taking action by replacing all affected keys. If this is achieved, the attacker could bypass the authentication process and start to make changes to the user's device by mimicking an external keyboard and mouse. A flaw in this connection means that an attacker could trick the phone or laptop into thinking the attacker's own device is the security key. Titan keys work by acting as another authentication step and are linked with a user's device, such as a phone or laptop, via a Bluetooth connection. ![]()
0 Comments
Leave a Reply. |