Priyanka Vergadia

Mar 21, 2021

2 min read

How important are security key in zero trust?

Security keys and zero trust

GCP Comics #6 Security keys in Cybersecurity

Security Keys provide the highest level of login assurance and phishing protection.

Security keys and zero trust
  • A key must be registered in advance to a specific account, an action you take once to enhance the level of security for your sign in.
  • The security key and the website perform a cryptographic handshake, and if the site doesn’t validate the key’s identity, including matching a previously registered URL, the login is stopped.
  • Using open standards (FIDO) the same security key can be used for multiple sites and devices. You only need to carry one around, and they can be used for both personal and work accounts and devices.
  • The firmware of Google Titan Security Keys is engineered to verify integrity, preventing any tampering.
  • They come in all kinds of shapes and sizes, so you can get USB-A, USB-C, or NFC to match the use case that fits you best!
  • In our experience deploying security keys to replace older forms of 2-Step Verification, we’ve seen both faster logins and fewer support tickets raised.

Resources