What is the Google Titan Key?

Could this be the end of all phishing attacks?

Tuesday 7th August 2018


At Scanguard, we’re big fans of two factor authentication, and we think it’s a very sensible tool in the fight against phishing. If you don’t have 2FA set up yet, you can try it out on sites like Amazon, and even HMRC.

But Google’s just introduced a hardware device that goes one step further.

Its new Titan Key promises to protect users against phishing attacks by ensuring that every login is securely verified. The Key is like a small USB stick, and it works in a similar way to your bank’s security token, exchanging information with the site and allowing you to log in.

Secure Logins via USB or Bluetooth

Using the Titan Key, you can securely verify logins to sites hosted by Google as well as third parties with a press of the button on the key. So it can check that it’s really you when log into G Suite (formerly Google Apps), and it can also verify your identity when you access your Facebook account -- for example.

Google’s trialled this internally. In 2017, 85,000 employees used them, and there were zero account hacks.

On a basic level, the site you log into and the Titan Key have a key pair. If you try to log into a fake site using the Titan Key, the login won’t work, because the scammers won’t be able to create the code that the Titan Key needs to verify the login.

The Titan Key uses FIDO Universal 2nd Factor security, or U2F for short, and it works with mobile or desktop logins.

Google’s targeting the Titan Key key at IT workers, but there’s no reason why security-conscious personal users can’t have them. Although it can be a bit of a hassle to carry a USB device around, the plus side is that it prevents almost all phishing attacks -- so it’s an inconvenience worth considering.

Also, if you’re not a fan of typing in 2FA codes, or you prefer not to carry your phone around all the time, a hardware key is likely to be a more convenient solution. You still need a password, but the additional level of security is handled by the key, not the SMS code or authentication app.

Titan Key Pricing and Availability

The Google Titan Key is available as a Bluetooth or a USB device; you’ll need the Bluetooth one if you want to use it with your phone or tablet.

It isn’t the first device in its class; there’s also the YubiKey, which is already established (and gets rave reviews), and also the Feitian range of keys.

The Yubikey retails for around £40 in the UK. The Titan Key’s price isn’t decided, but rumours suggest that it’ll retail for $20-$50 in the USA, depending on the model. A UK price hasn’t been announced.

If you do decide to use a physical security key, remember: forget your key, or lose it, and you’re locked out of everything. If you’ve not tried 2FA yet, start there. 

Award winning antivirus protection from Scanguard. Stay 100% safe from malware and online threats.

Industry Latest

Google Doorbell With Facial Recognition Raises Privacy Concerns
Nest, the smart home company owned by Google, has launched a new doorbell with facial recognition that will scan your visitors and store their facial data in the cloud
12 October 2018

Security & Privacy

The Privacy Paradox; Do We Really Care About Privacy Online?
Every week, IT security blogs give out the same information to businesses and consumers: stay off public WiFi, use a VPN, and use a password manager
11 October 2018

Tips & Advice

How to Prevent Malware Infection in Kodi
Three popular add-on repositories for the Kodi media player have been allegedly spreading cryptojacking malware which has been circulating since December 2017
10 October 2018