Use U2F Security Keys on Your Smartphone to Access Your Google Account with Advanced Protection « Null Byte :: WonderHowTo

Security-minded users can reduce the risk of phishing by enabling Advanced Protection on important Google accounts, requiring a U2F security token to log in. Using these keys isn’t intuitive on most well-known smartphone platforms, and you can find yourself locked out if you don’t plan ahead. You’ll need to learn and practice using U2F keys on your device before enabling this layer of security.

Smartphones are an important part of our daily lives, but due to their small size and high value, they can go missing more often than our other computers. If you’ve enabled Advanced Protection, you’ll need to be able to comfortably add any replacement device using your U2F key or risk being locked out of your data.

The process for accessing your Google account isn’t the same for both Android and iOS, so depending on which operating system you use, you may be limited in the types of U2F devices you can use. You can jump to the 11:05 mark in the video below to watch our guide on setting these up on smartphones or continue reading underneath the video.

Google’s Advanced Protection on Smartphone Devices

Android devices are perhaps the easiest to use with Advanced Protection, able to use both NFC-type keys like the Yubikey Neo and Bluetooth-type tokens like the Feitian Bluetooth Dongle to authenticate to your Google account.

Android has supported NFC for quite some time, so the average user should have no issue using the sturdy and reliable NFC-enabled USB security key option. The somewhat less reliable Bluetooth tokens can still be used with Android, but sometimes run into pairing issues.

Image by Kody/Null Byte

Option 1: Add an Advanced Protected Account on Android

Android users will want to check out the most sturdy and simple U2F form factor, the USB security key. Often embedded with an NFC antenna, these polymer keys have reviews online detailing surviving abuse that physically destroyed regular, metal keys. Like regular keys, these USB keys are designed to ride with you on a keyring and survive day-to-day abuse. The ability to pair with the key via NFC makes this choice an obvious option, as they require no battery to use. The Yubikey Neo comes with some slick features, but for users on a budget, you can check out a $16 NFC-enabled key as well.

Bluetooth tokens like the Feitian MultiPass FIDO Security Key can be used with Android devices, but have drawbacks in needing to pair and occasionally having connection issues. You’ll need to make sure your Bluetooth token is charged to use it because it requires an internal rechargeable battery to connect. If your token were to die while you were traveling, you might need to find a way to charge it before you can get back in. This option also feels a lot more flimsy, and I wouldn’t expect one to survive being run over by a truck.

Step 1: Turn NFC On

To begin the process of adding an Android device to your Google account with Advanced Protection enabled, first make sure you turn on NFC on your device. On a Samsung Galaxy device, the NFC option can be found in the “Connections” section of the main settings menu, while on stock Android, it will likely just be in “Connected Devices.”

Step 2: Add Your Google Account

Next, head to the “Cloud and accounts” or “Users and accounts” section of your main settings menu. If using a Galaxy, you’ll also need to tap on “Accounts.” Here, you’ll find a list of accounts that have been added to your Android device. At the very bottom of this list, you should see a small “Add account” option that has a plus symbol next to it. Tap it to add a new account.

Step 3: Scan Your U2F Security Key

When NFC is activated, you’ll be able to scan your key. When you see a screen that looks like the first one in the image gallery below, you’re ready to press your U2F security key against the back of your phone.

You’ll need to line up the key with the NFC chip on your phone, so slowly move the key around the back of the phone at first until you’re familiar with where the contact is made. It only takes a second to register, but make sure you don’t move the key away too quickly.

When your key is recognized, your device should be authenticated and ready to add your account. If it was successful, you’ll see the sign-in agreement (middle image below). You’ll be signed in to your account after tapping “Accept.” After this, you should be able to tap on the newly added account listed under “Google” accounts to access your sync settings and confirm your account is syncing properly.

That’s it! It’s as simple as that to add a new Android device. With NFC enabled, it takes only a second to respond to the login challenge.

Option 2: Add an Advanced Protected Account on iOS

For iPhones and other iOS devices, Bluetooth will be the way you communicate with your U2F token. You’ll need to pair your device with your Bluetooth token after installing an iOS app called Google Smart Lock. Once this is done, adding your device to a new account is as easy as pressing the button on your U2F token when prompted. This button gets pressed by random things all the time if you carry it with you, and is very easy to press by accident, which may reduce the battery life a bit.

If you use primarily Apple devices, you should invest in at least one Bluetooth token. Due to their more fragile and battery-powered nature, you should still keep a USB-style key for your desktop and laptop devices as a backup for getting into your account through a desktop computer. If your Bluetooth U2F keys get wet, smashed, burned, or otherwise damaged, you’ll be happy you did so to allow you to access your account and enroll a replacement security key.

As I mentioned previously, Apple devices use a different standard of NFC that isn’t compatible with the NFC-enabled security keys, so we’ll need to switch to a Bluetooth token to connect our iOS devices. The Feitian MultiPass FIDO Security Key is pretty easy to set up on iOS.

Step 1: Turn Bluetooth On

Likely, you already have this turned on if you connect to wireless speakers or headphones, connect to a stereo in your car, use a wireless keyboard, etc., but just in case, you can check by bringing up the Control Center, then making sure the “B” icon is blue (on). Alternatively, you can go to Settings –> Bluetooth to make sure it’s toggled on.

Step 2: Add Your Google Account

Hopefully, you already installed Google Smart Lock using the link above, but if not, go ahead and do that now. When you have it installed, open it to get started, then go ahead and tap “Sign In” to begin connecting to your Google account with Advanced Protection enabled.

On the next screen, enter your login credentials for the account you wish to add. If Advanced Protection is successfully enabled on the account you are adding, you will see the challenge below. Tap the lock to begin pairing your Bluetooth 2FA key.

Step 3: Pair Your U2F Bluetooth Token

After hitting the lock icon, you’ll be directed to the screen below. Make sure you have your Bluetooth U2F token handy, and tap “Next” to begin the pairing process. Ensure Bluetooth on your iPhone is turned on, and then hold down the button on your Bluetooth U2F token until the blue LED begins to blink. That will put your Bluetooth key into pairing mode.

Your iPhone should detect the key when it is in pairing mode and redirect you to the next screen. Here, you will confirm the device you want to pair with by tapping on it. Once you have selected your key, you’ll need to enter the PIN to pair them. The PIN number will be written on the back of the U2F device. Select “Next” to continue.

Enter the PIN into the “Bluetooth Pairing Request” window that opens and tap “Pair.” Once the key has paired, tap the button on your U2F key to respond to the challenge and log in to your account.

If everything worked, you should see a confirmation screen informing you that you’ve successfully logged in to your Advanced Protection enabled Google account on your iPhone. You should now see your account in the list of connected Google accounts, which means you shouldn’t need to log in with your key again on this device.

Congratulations, you’ve securely logged your iOS device in with your Bluetooth U2F key!

Remember to Practice & Keep Spare Keys

For celebrities, business owners, human rights workers, and other security-conscious users, the threat of phishing can be reduced substantially by mastering the use of U2F devices. Since you’ll invariably be using a mobile device at some point, it is critical to practice logging in with these tokens to ensure you can do so under stress.

If you do certain things like use a VPN or change location frequently, you may need to sign in with your U2F key more frequently than the average user, as your account may think you are a different device.

The biggest takeaway when setting up your account to only be accessible with security keys is to never find yourself in the circumstance where you lose all your keys. Keep a backup somewhere safe that you can use to enroll spares. Finally, if you need to revoke access to any device that has been added to your account with a key, you can simply change the password to your Google account. This will require all authenticated devices to log in with a security key again.

Cover photo and screenshots by Kody/Null Byte