Security-minded users can reduce the risk of phishing by enabling Advanced Protection on important Google accounts, requiring a U2F security token to log in. Using these keys isn’t intuitive on most well-known smartphone platforms, along with you can find yourself locked out if you don’t plan ahead. You’ll need to learn along with practice using U2F keys on your device before enabling This particular layer of security.
Smartphones are an important part of our daily lives, yet due to their modest size along with high value, they can go missing more often than our different computers. If you’ve enabled Advanced Protection, you’ll need to be able to comfortably add any replacement device using your U2F key or risk being locked out of your data.
The process for accessing your Google account isn’t the same for both Android along with iOS, so depending on which operating system you use, you may be limited inside the types of U2F devices you can use. You can jump to the 11:05 mark inside the video below to watch our guide on setting these up on smartphones or continue reading underneath the video.
Google’s Advanced Protection on Smartphone Devices
Android devices are perhaps the easiest to use with Advanced Protection, able to use both NFC-type keys like the Yubikey Neo along with Bluetooth-type tokens like the Feitian Bluetooth Dongle to authenticate to your Google account.
Android has supported NFC for quite some time, so the average user should have no issue using the sturdy along with reliable NFC-enabled USB security key option. The somewhat less reliable Bluetooth tokens can still be used with Android, yet sometimes run into pairing issues.
If you’re using iOS, your options are more limited. Apple does not implement NFC the same way as Android, along with because of This particular, you can’t simply use a Yubikey Neo to add an iOS device. You’re left with the Bluetooth token option. This particular’s not too difficult to connect an iOS device to your account that has a Feitian Bluetooth U2F token. The biggest change to get used to will be using only Google apps to connect to your Advanced Protected account, since Apple apps (like Mail) will no longer be able to access your account data.
First, we’ll cover setting everything up on Android, so if you’re an iOS user, skip to in which section.
Option 1: Add an Advanced Protected Account on Android
Android users will want to check out the most sturdy along with simple U2F form factor, the USB security key. Often embedded with an NFC antenna, these polymer keys have reviews online detailing surviving abuse in which physically destroyed regular, metal keys. Like regular keys, these USB keys are designed to ride with you on a keyring along with survive day-to-day abuse. The ability to pair with the key via NFC makes This particular choice an obvious option, as they require no battery to use. The Yubikey Neo comes with some slick features, yet for users on a budget, you can check out a $16 NFC-enabled key as well.
Bluetooth tokens like the Feitian MultiPass FIDO Security Key can be used with Android devices, yet have drawbacks in needing to pair along with occasionally having connection issues. You’ll need to make sure your Bluetooth token is actually charged to use This particular because This particular requires an internal rechargeable battery connect. If your token was to die while you were traveling, you might need to find a way to change This particular before you can get back in. This particular option also feels a lot more flimsy, along with I wouldn’t expect one to survive being run over by a truck.
To begin the process of adding an Android device to your Google account with Advanced Protection enabled, first make sure you turn on NFC on your device. On a Samsung Galaxy device, the NFC option can be found inside the “Connections” section of the main settings menu, while on stock Android, This particular will likely just be in “Connected Devices.”
Next, head to the “Cloud along with accounts” or “Users along with accounts” section of your main settings menu. If using a Galaxy, you’ll also need to tap on “Accounts.” Here, you’ll find a list of accounts in which have been added to your Android device. At the very bottom of This particular list, you should see a modest “Add account” option that has a plus symbol next to This particular. Tap This particular to add a completely new account.
Next, you’ll be asked what kind of account you want to add. We’ll select “Google” to begin adding our Advanced Protected account. This particular will bring us to the log-in window for our Google account. Go ahead along with enter the login information for your Google account, along with hit “Next” to proceed to the security challenge.
right now, unless you already turned This particular on, your phone should display a challenge through Google prompting you to turn on the NFC on our Android phone to authenticate into the account. You can turn on NFC through your menu settings or by tapping on the “Turn On” button at the bottom of the screen.
When NFC is actually activated, you’ll be able to scan your key. When you see a screen in which looks like the first one inside the image gallery below, you’re ready to press your U2F security key against the back of your phone.
You’ll need to line up the key with the NFC chip on your phone, so slowly move the key around the back of the phone at first until you’re familiar with where the contact is actually made. This particular only takes a second to register, yet make sure you don’t move the key away too quickly.
When your key is actually recognized, your device should be authenticated along with ready add your account. If This particular was successful, you’ll see the sign-in agreement (middle image below). You’ll be signed in to your account after tapping “Accept.” After This particular, you should be able to tap on the newly added account listed under “Google” accounts to access your sync settings along with confirm your account is actually syncing properly.
in which’s This particular! This particular’s as simple as in which to add a completely new Android device. With NFC enabled, This particular takes only a second to respond to the login challenge.
Option 2: Add an Advanced Protected Account on iOS
For iPhones along with different iOS devices, Bluetooth will be the way you communicate with your U2F token. You’ll need to pair your device with your Bluetooth token after installing an iOS app called Google Smart Lock. Once This particular is actually done, adding your device to a completely new account is actually as easy as pressing the button on your U2F token when prompted. This particular button gets pressed by random things all the time if you carry This particular with you, along with is actually very easy to press by accident, which may reduce the battery life a bit.
If you use primarily Apple devices, you should invest in at least one Bluetooth token. Due to their more fragile along with battery-powered nature, you should still keep a USB-style key for your desktop along with laptop devices as a backup for getting into your account through a desktop computer. If your Bluetooth U2F keys get wet, smashed, burned, or otherwise damaged, you’ll be happy you did so to allow you to access your account along with enroll a replacement security key.
As I mentioned previously, Apple devices use a different standard of NFC in which isn’t compatible with the NFC enabled security keys, so we’ll need to switch to a Bluetooth token to connect our iOS devices. The Feitian MultiPass FIDO Security Key is actually pretty easy to set up on iOS.
Step 1: Turn Bluetooth On
Likely, you already have This particular turned on if you connect to wireless speakers or headphones, connect to a stereo in your car, use a wireless keyboard, etc. yet just in case, you can check by bringing up the Control Center, then creating sure the “B” icon is actually blue (on). Alternatively, you can go to Settings –> Bluetooth to make sure This particular’s toggled on.
Step 2: Add Your Google Account
Hopefully, you already installed Google Smart Lock using the link above, yet if not, go ahead along with do in which right now. When you have This particular installed, open This particular to get commenced, then go ahead along with tap “Sign In” to begin connecting to your Google account with Advanced Protection enabled.
On the next screen, enter your login credentials for the account you wish to add. If Advanced Protection is actually successfully enabled on the account you are adding, you will see the challenge below. Tap the lock to begin pairing your Bluetooth 2FA key.
After hitting the lock icon, you’ll be directed to the screen below. Make sure you have your Bluetooth U2F token handy, along with tap “Next” to begin the pairing process. Ensure your Bluetooth on your iPhone is actually turned on, along with then hold down the button on your Bluetooth U2F token until the blue LED begins to blink. in which will put your Bluetooth key into pairing mode.
Your iPhone should detect the key when This particular is actually in pairing mode along with redirect you to the next screen. Here, you will confirm the device you want to pair with by tapping on This particular. Once you have selected your key, you’ll need to enter the PIN to pair them. The PIN number will be written on the back of the U2F device. Select “Next” to continue.
Enter the PIN into the “Bluetooth Pairing Request” window in which opens along with tap “Pair.” Once the key has paired, tap the button on your U2F key to respond to the challenge along with log in to your account.
If everything worked, you should see a confirmation screen informing you in which you’ve successfully logged in to your Advanced Protection enabled Google account on your iPhone. You should right now see your account inside the list of connected Google accounts, which means you shouldn’t need to log in with your key again on This particular device.
Congratulations, you’ve securely logged your iOS device in with your Bluetooth U2F key!
For celebrities, business owners, human rights workers, along with different security-conscious users, the threat of phishing can be reduced substantially by mastering the use of U2F devices. Since you’ll invariably be using a mobile device at some point, This particular is actually critical to practice logging in with these tokens to ensure you can do so under stress.
If you do certain things like use a VPN or change location frequently, you may need to sign in with your U2F key more frequently than the average user, as your account may think you are a different device.
The biggest takeaway when setting up your account to only be accessible with security keys is actually to never find yourself inside the circumstance where you lose all your keys. Keep a backup somewhere safe in which you can use to enroll spares. Finally, if you need to revoke access to any device in which has been added to your account that has a key, you can simply change the password to your Google account. This particular will require all authenticated devices to log in that has a security key again.
I trust you enjoyed This particular guide to securing your Google account through phishing attacks using Advanced Protection along with U2F security keys! If you have any questions about This particular tutorial or U2F usage, feel free to leave a comment or reach me on Twitter @KodyKinzie. We’ll be doing some more guides on This particular program specifically for macOS along with Windows, Arch Linux, along with Debian, so stay tuned.
Don’t Miss: Use Private Encrypted Messaging Over Tor