Goggle At Google’s Vulnerable TFA Keys

Source: The Inquirer Goggle At Google’s Vulnerable TFA Keys

Attack on Titan

It would seem that certain Bluetooth Low-Energy versions of Google’s Titan Security Keys are not the best choice when implementing TFA into your life.  Those with a T1 or T2 on the back of the dongle are vulnerable to interception attacks, as are Feitian Technologies BLE security keys.  There are two pieces of good news associated with this, firstly that the vulnerabilities are rather difficult to exploit, as explained at The Inquirer.  The second bit of good news is that Google will replace all vulnerable keys, free of charge, simply by visiting https://myaccount.google.com/replacemykey, which will also tell you if you have one of the problematic keys associated with your account if you are unsure. 

If you’ve updated to iOS 12.3 recently, this will also explain why your keys no longer work. Apple was quick to update their software to ensure you are protected.  You can continue to use the keys as long as you stay logged into your Google account on iOS devices; Android users should expect to see an update blocking access next month.

Google is offering free replacements of its Titan Security Keys, used for two-factor authentication, after learning the widgets' Bluetooth connections could be compromised by nearby hackers.

Video News

About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

Leave a reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!