We all know about the two-factor authentication system that has existed for Google accounts for the past few years. And no matter the device you log in to your Gmail account, Google will aggressively prompt you in setting up a 2FA or 2-step verification (2SV) for more security even you already have it.
The 2-Step Verification (2SV) as the company refers it too includes physical security keys that plugin over USB, and it also offers phone security keys. We even have an authenticator app for Android OS. However, the latest attempt from Google has turned its very own Chrome for Android into a security key for Google Account sign-in.
The procedure for this goes as follows, right after entering username and password, users who have their 2FA/2SV enabled on their Google Account will be able to confirm their logins in a couple of ways. Firstly they will be by tapping “Yes” on the “Google Prompt” notification that appears on both Android and iOS provided you have Google and Gmail app installs, I am looking at your custom ROM users. The second way is by long-pressing on the volume button if you have a “phone security key” set up.
However, the second way is a little bit more stringent than the notification button and looks pretty much like mimicking a USB-C/A security key as Bluetooth is used to communicate between the phone and desktop to confirm proximity. However, for this method users need to set up a phone security key manually beforehand.
Upon entering your credentials on a laptop, users will get the usual “Are you trying to sign in?” notification which opens a fullscreen page with “Yes” and “No, it’s not me” at the bottom. Google notes how:
Someone is trying to sign in to your account from a nearby device
The important part here is the “nearby device,” which differentiates this from any simple Google Prompt notification. Once confirm users will be redirected to a “Connecting to your device” page with rotating animation.