Passwordless is the next-gen authentication that is far more secure than using a traditional username and password. Essentially, passwordless authentication uses an encrypted key on a device — your phone, for example — to log you into an account. By using this method, it is far less likely that your accounts will be hacked by malicious users. On top of that, you won’t have to bother typing lengthy passwords to log into your accounts. Instead, you simply OK the login attempt on your phone, and — voilà! — you’re in.
Passwordless authentication avoids the usual hacking methods of traditional authentication, such as brute force, credential stuffing, phishing, keylogging, and man-in-the-middle attacks.
Google’s Chrome browser now includes the ability for you to set your phone as the security key to safely sign into your Google account. Anyone who’s used the Google ecosystem on an Android device — and has two-factor authentication enabled — has already experienced this. Once set up, when attempting to log into the associated Google account, you receive a pop-up on your phone allowing you to verify the login attempt.
In today’s world of constant cybersecurity attacks, you should consider this a must-use.
Keep in mind that this setup only works to secure your Google account. In other words, you’re not setting up every account you sign in on the Chrome browser to use your phone as a security key. Even so, this is a big step toward passwordless authentication.
If you want to enable the added security for your Google account, keep reading.
How to set your Android phone as a security key in Chrome
What you’ll need: To make this work, you’ll need the latest version of the Chrome browser, a phone associated with your Google account, and 2FA enabled on your Google account. I’ll demonstrate this with my Pixel 8 Pro, and desktop Chrome version 120.0.6099.199 running on Ubuntu Budgie.
Do make sure you have 2FA setup before you attempt to assign your phone as the security key for your account. If you find your version of Chrome doesn’t include the feature, make sure to upgrade to the latest version. Because Chrome is so often targeted by hackers, it’s important to always run the most recently released version of the app.
Once you’ve taken care of the above, your phone should then be listed in Chrome as a security key for your Google account. Now, any time you attempt to log in to your Google account from a new browser, you’ll be sent a confirmation pop-up on the phone you’ve added as a security key.
When prompted, tap Yes, it’s me and you’ll be allowed in. If you ever receive such a pop-up on your phone and you weren’t trying to log into your account, make sure to tap No, don’t allow to block any unwanted attempt.