Most big-name web services like Gmail, Microsoft, Evernote, WordPress and Dropbox now support 2-step authentication to improve the security of your online accounts. Once you enable two-factor authentication, a malicious person will not be able to log into your online account even if they know the password - they’ll need access to your mobile phone as well to get in.
The verification codes required for logging into a 2-step enabled account can be generated either using a mobile app - like Authy or Google Authenticator - or you can have them sent to your mobile phone via a text message or a voice call. The latter option however will not work if the mobile phone associated with your account is outside the coverage area (like when you are in a foreign country).
There’s another option that makes the process of logging into a 2-factor enabled account Google less cumbersome. Instead of generating the verification codes on a mobile phone, you can use a hardware based authenticator that can be inserted into a USB port on your computer and you’ll be signed-in automatically without having to hand-type the digits.
The option works for both Google and Google Apps accounts and you don’t even need the mobile phone - watch video demo.
I am using the least-expensive Yubico key though there are more options to choose from. The first stop is to associate the USB security key with your Google Account. Go to myaccount.google.com, click on 2-step verification and then switch to the Security Keys tab. Here click the Register Device button and then insert the USB key into the computer to attach it to your account.
Once registered, you can use your USB security key to log into your Google Account from any other desktop or laptop computer without requiring the mobile phone. Simply open the Google login page, type in your username & password, click the Sign-in button and then insert the USB key. The lights will blink on the device, you need to tap it once and it will instantly log you into the account. Internally, the key generates the codes that are sent to Google servers and you are logged in.
The USB security keys require no software and they are compatible with Windows, Mac, Chrome OS and Linux computers. They need no batteries, they are tiny like a regular USB thumb drive but also rigid. You can also associate multiple Google Accounts with the same USB key which can be a huge timesaver for some users.
USB Security Keys make 2-factor authentication painless but you can only use them inside Google Chrome on desktop and laptop computers. You’ll still have to rely on SMS messages, or the authenticator app, for logging into Google on your mobile phones or in browsers like Firefox and Opera (download video).