2FA for the masses…
Two-factor authentication (a.k.a., 2FA) has been around for decades. I first used early versions of this technology back in the mid-nineties. When I first used it, I authenticated to secure servers using an RSA token. Since then, I’ve used numerous 2FA tools for numerous work assignments.
Over the years, the token has changed
My first token was a card. It had a small LCD screen that displayed an access code. After a fixed time had elapsed, a new code was generated. From this beginning, I migrated to a standalone (i.e., disconnected) token. Since the nineties, I’ve had dozens of RSA tokens. But when I was with the Department of Defense, I used a Common Access Card (or CAC) to log into most systems. And in the past few years, I’ve used mobile phone apps that would display time-based access codes.
A few years ago, I decide that I wanted to enable multi-factor authentication on every public service that would support it. And I wanted to make sure that I used a token that I could carry with me. I chose the Yubikey token. I can use that token by inserting it into a USB connection. I can also use near-field communications (NFC) to tap the token on my phone. Once authenticated on the device, I got the traditional rotating code that I could use on almost any service.
Google finally gets into the 2FA token market
Google has supported multi-factor authentication for a number of years. But until today, Google never produced a token. Their new product – branded the Titan key – will provide 2FA for cloud services. And let’s be clear about this: the Titan key is nothing new. However, it is coming from Google. And Google WILL support this device. More importantly, other service providers will support this device. Most importantly, since it is coming from Google, consumers will purchase the product in dizzying numbers.
Bottom line:
Google just put their enormous stamp on 2FA for consumers. If you’re not yet using two-factor authentication (either at home or at work), then Google has now put you on notice.