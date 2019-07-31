Follow Slashdot stories on Twitter

 


Google on Wednesday announced it's making its Titan Security Key available via the Google Store in multiple new countries: Canada, France, Japan and the United Kingdom. Google launched the second-factor security key last year, starting with availability in the US. From a report: Google touts the Titan Security Key as one of the best ways to protect Google Accounts from hacking and phishing, especially high-value accounts that are regularly probed and attacked. The key is used as part of Google's Advanced Protection Program. Based on FIDO open standards, the security key comes in both USB and Bluetooth varieties. Back in May, Google had to issue replacements for the Bluetooth keys due to a vulnerability in the pairing process.

  • Still don't want one (Score:4, Insightful)

    by Sebby ( 238625 ) on Wednesday July 31, 2019 @02:25PM (#59018812)
    I don't know why anyone would trust a 'security key' made by the one of the world's worst privacy rapists.

    • This is by Google, not Facebook.

      While Google Collects a lot of data, it tends to be far more responsible protecting privacy than other companies.

        This is by Google, not Facebook.

        I fail to see any real distinction.

        Facebook is a level 1 privacy rapist.
        Google is a level 2 privacy rapist.

        (Higher = worse). So Google is slightly better. A "slightly better" privacy rapist is still a privacy rapist.

    • I don't know why anyone would trust a 'security key' made by the one of the world's worst privacy rapists.

      Because they don't want the competition for your private data?

    • I get what you are saying, but many of us work in organizations where Google is embedded anyway and some of our staff is susceptible to phishing attacks. This is certainly the case in my workplace.

      Sure, I'd rather lock Google out too, but given that I can't, I'll take locking out the non-Google baddies as a win.

      (When I have a choice, I just use Authy.)

    • Because they are really good at keeping THEIR DATA safe.

  • at Google Store in Canada here. Looks like I can buy a bundle with the USB and Bluetooth key for $65. I have no use for the Bluetooth model. If they separate them I might buy one, I've considered a Yubikey for $25 on Amazon. For now I'll just keep using the Google Authenticator app on my phone.

    • $85 to keep my data "secure" - for some shitty value of secure when they will exploit it any way they can? If they don't want others to exploit people's data, let them give it away. There's no reason to pay a penny to give them exclusivity.

      I found a free way to protect my data from Google and any free services I use - stopped using them. No gmail , no YouTube, no maps, no translate, no chrome. Easy way to save $85.

      • Well it does not really keep your data "secure", it's just an authentication protocol.

        But for whatever service you have not stopped using, 2FA is still a good idea.

    • There is an open source Fido dongle called SoloKeys https://solokeys.com/ [solokeys.com]
      Disclaimer: I don't have one. I am not associated with the project in any way. At some point in my life I just bookmarked the page.

  • Too expensive (Score:3)

    by Dorianny ( 1847922 ) on Wednesday July 31, 2019 @03:25PM (#59019236) Journal
    Security keys might catch on in the West if they cost ~$5, in the developing world they would have to cost $1 or less

    • Security keys might catch on in the West if they cost ~$5, in the developing world they would have to cost $1 or less

      Yep. The $50 USD price is just too high. It's the same price as a Yubikey Nano while being much larger physically. You do get both a bluetooth and a USB key for that, but I have no use for the Bluetooth key so it's just e-waste to me. $5 is much more palatable. I'd go as high as $10 or $15 even. $50 sounds like some marketing wonks "optimization" to make people feel like they're getting something special.

    • My employer uses RSA SecurID fobs. The tokens and software are rather expensive, but they are good at what they do.

      The key here (no pun intended) it to make it cheap enough for non-enterprise users to have two factor auth. This is another step along that path, that is all.

  • The best way to protect your Google account(s) from hacking or phishing is to not have them in the first place. You also get the added benefit of not being spied on by Google.

