In the third part of my series covering Gmail Two Step Verification I will talk about an advanced topic: the Security Key option. The security key is a physical device that plugs into your computer’s USB port. By far the most common and popular iteration of this concept is the Yubikey. There are three current versions of this device: the Yubikey 4, the Yubikey Neo, and the Yubikey Nano†. All of these devices have slightly different capabilities, but their core function is the same. They serve as a strong second authentication factor.
To enable this option, you first need a U2F (Universal Second Factor)-capable device like a Yubikey. Log into your Gmail account. Click your avatar, then the blue “My Account” button. Navigate to Sign-in and Security, and Two Step Verification. Now scroll to and click “SET UP ADDITIONAL SECOND STEP“.
On the next screen you will be prompted to register your security key. This will require that you insert the security key. When instructed, touch the top of it. This will prompt it to transmit the unique code to Google.
To login with the Security Key, enter your username and password. You will be presented with the screen shown below. It will prompt you to insert your security key. You must then physically touch the ring on top of the key. This will transmit the unique code and verify your identity. The security key option is one of the most secure ways to use Gmail Two Step Verification. Your security key will also work on a number of other services. Dropbox, LastPass, Password Safe, and WordPress all support the Yubikey as a second authentication factor. It can also be used to unlock your full disk encrypted computer – just don’t lose it!
†Yubico recently sent me samples of the Yubikey 4 and Nano models. Look for a full review soon.
If you enjoyed this article and would like exclusive content, sign up for the Operational-Security Newsletter.