A year after introducing it for Android phones, Google has today announced that iPhones can now function as physical two-factor security keys for logging into the company’s own services like Gmail in Chrome. This authentication method is a lot more secure than the two-factor prompt you’re likely used to, as it requires your iPhone to be physically in the computer’s proximity.
Two-factor authentication adds an extra layer of security to your accounts. However, SMS and internet-based two-factor processes have been in the past failed to prove as secure as one would hope for. Google’s solution for that takes advantage of your phone’s Bluetooth to turn it into a dedicated security key and ensures you’re physically authenticating the login.
In addition, the new Google Smart Lock update is said to be storing your credentials in the same Secure Enclave section of your iPhone’s chipset that’s also responsible for housing other sensitive data such as Touch ID and Face ID biometric information — which is why it’s only available on iOS 10 and above.
To set this up for your accounts, you will have to first head over to the app store and download the free Google Smart Lock app. Once it’s installed, log into your account, follow the on-screen instructions and you should be up and running in a couple of minutes. Now, whenever you try to sign in to a Google service on Chrome, you will be asked to authenticate the access on your iPhone through a push notification as long as it’s within the computer’s Bluetooth range.
What’s more, the added functionality makes iPhones eligible for Google’s Advanced Protection Program, the search-engine company’s most secured defense against attacks like phishing. It was designed primarily for users whose data is constantly under hackers’ crosshair including activists, journalists, and political campaign teams. The program already supports Android phones (7.0+) and physical security keys.
Google’s physical key feature for phones is currently restricted to Chrome and won’t work on other browsers like Firefox. If you have configured it and you attempt to sign-in on non-compatible browsers, you will have to select an alternate two-factor method.