If you’ve configured two-step verification for your Gmail account, rather than checking your mobile for codes you can plug in a verified USB stick instead. You can carry it wherever you go, and of course, it doesn’t lose battery or signal. According to Google, it also offers better protection against phishing attacks. Here’s how you can set it up.
What you need first is a USB stick that’s compatible with the FIDO Universal 2nd Factor (U2F) standard. A variety of different models are available, which shouldn’t break the bank — in this guide we’re using the Yubico Security Key. You’re also going to need the latest version of Chrome (40+) on your Chrome OS, Windows, Mac OS, or Linux machine.
Head to the two-step verification page from your Google account portal: it’s under Signing in to Google. If you don’t already have the two-step process switched on, it’s time to improve your account security and set it up. If you have the additional layer of security already in place, Security Key appears as one of the alternative options along the top of the settings page.
Choose Add Security Key to begin the setup process. Click the Register button, push your key into a spare USB port, then tap the button on the stick itself. Click Done and you’re all set — whenever Google’s two-step verification process kicks in (usually when you’re signing in from a new computer), you can use the stick in place of the Authenticator app on your phone.
The same key can be used with multiple accounts but of course keep a safe watch on your backup codes and have the Authenticator app ready to go as well should your new ultra-secure USB keyring go missing. In places where you can’t use the stick—on phone and tablets, for example—you’ll be prompted for a verification code instead.