Google announced a new way to enhance its 2-step verification security called Security Key, which works through a USB device.
Security Key, Google says, is for “particularly security-sensitive” individuals. Don’t worry. If you’re just a common user, and want to use 2-step verification, you don’t have to carry the extra hardware around with you all the time.
Google explains in a blog post:
Security Key is a physical USB second factor that only works after verifying the login site is truly a Google website, not a fake site pretending to be Google. Rather than typing a code, just insert Security Key into your computer’s USB port and tap it when prompted in Chrome. When you sign into your Google Account using Chrome and Security Key, you can be sure that the cryptographic signature cannot be phished.
Security Key and Chrome incorporate the open Universal 2nd Factor (U2F) protocol from the FIDO Alliance, so other websites with account login systems can get FIDO U2F working in Chrome today. It’s our hope that other browsers will add FIDO U2F support, too. As more sites and browsers come onboard, security-sensitive users can carry a single Security Key that works everywhere FIDO U2F is supported.
You’ll have to buy a compatible USB device from a U2F participating vendor, but it works with Google Accounts for no extra charge. You can find devices for sale on Amazon.