Goggle At Google’s Vulnerable TFA Keys
Attack on Titan
It would seem that certain Bluetooth Low-Energy versions of Google’s Titan Security Keys are not the best choice when implementing TFA into your life. Those with a T1 or T2 on the back of the dongle are vulnerable to interception attacks, as are Feitian Technologies BLE security keys. There are two pieces of good news associated with this, firstly that the vulnerabilities are rather difficult to exploit, as explained at The Inquirer. The second bit of good news is that Google will replace all vulnerable keys, free of charge, simply by visiting https://myaccount.google.com/replacemykey, which will also tell you if you have one of the problematic keys associated with your account if you are unsure.
If you’ve updated to iOS 12.3 recently, this will also explain why your keys no longer work. Apple was quick to update their software to ensure you are protected. You can continue to use the keys as long as you stay logged into your Google account on iOS devices; Android users should expect to see an update blocking access next month.
Google is offering free replacements of its Titan Security Keys, used for two-factor authentication, after learning the widgets' Bluetooth connections could be compromised by nearby hackers.
More Tech News From Around The Web
- Apple’s ZombieLoad fix hits Mac performance by up to 40 per cent @ The Inquirer
- Apple reversal allows Valve’s Steam Link streaming app on iOS, tvOS @ Ars Technica
- PocketPi Is Exactly What It Sounds Like @ Hackaday
- Division 2 Multiplayer and Single-Player Campaign Broken By Latest Update @ Slashdot
- Sandisk wins the race to put the first 1TB microSD card in stores @ The Inquirer
- Epic discounts entire Game Store library in storewide “Mega Sale“ @ Ars Technica
