As most of you already know that Google 2-Step Verification offers an extra layer of protection for your account, making it even harder to get hacked. Once you have enabled this feature, you’ll be asked to provide a verification code to sign in along with the password. This verification code is sent to your registered mobile phone number. So in this case even if hackers gets your password, they don’t have your phone and therefore can’t login.
Now Google not only beefed up the two-step authentication but also made it easier and even stronger. You don’t need to have your mobile phone always around you, rather you can purchase a physical USB stick and use to verify your identity when logging into Gmail and other Google services.
Security Key is a physical USB second factor that only works after verifying the login site is truly a Google website, not a fake site pretending to be Google. Rather than typing a code, just insert Security Key into your computer’s USB port and tap it when prompted in Chrome. Security Key and Chrome incorporate the open Universal 2nd Factor (U2F) protocol from the FIDO Alliance, so other websites with account login systems can get FIDO U2F working in Chrome today.
Keep in mind that to use Security Key, you have to be using a computer with Windows, Mac OS, ChromeOS or Linux with Chrome broswer 38 or later installed on it. You will still be able to use a verification code the way you normally do on any device that doesn’t support Security Key, like mobile phones and tablets.
Security Key works with Google Accounts free of cost, but you’ll need to buy a compatible USB device directly from a U2F participating vendor.