A few simple practices can reduce the risk of exposing your internet accounts to hackers. You should use a unique password for every account you have — one that’s long and hard to guess. You should also get a password manager to protect those passwords. Finally, you should use two-factor authentication (2FA) whenever possible. This will add another layer of security to those apps and services that support 2FA. Google is one of the companies that offers 2FA for its apps. If you happen to be a Chrome user on Android, you’re in luck: You can use the mobile browser as a 2FA security key when logging into Google apps on a computer.
There are plenty of ways to perform two-factor authentication. Some involve connecting an actual security key device to the PC. Or you might choose to get a text message or a notification in an app to verify your log-in. The latter is how 2FA for Chrome works on Android, although the feature is only available in a beta release.
How to use Chrome on Android for 2FA
Google turned its mobile browser into a 2FA security key, 9to5Google explains. To take advantage of it, you’ll have to install Chrome 93 beta on an Android device and then attempt to log into your Google account from a nearby computer.
Upon entering the credentials, you’ll get a notification on your Android phone asking you if you’re trying to sign in. Google actually says in the prompt that “someone is trying to sign in to your account from a nearby device.” That’s an indication that the phone knows it’s in the proximity of the laptop where the Google account log-in has been performed.
You can choose between Yes and No, it’s not me, when you see the prompt. Confirming that you’re trying to sign into our Google account will turn Chrome into a 2FA authenticator on Android. You’ll then log into your account.
The Chrome security key surprise
You might think everything you’ve just experienced is just Android being able to help out by providing security key functionality. But 9to5Google explains that opening the multitasking menu is enough to realize the notification did not come from Google Play services. The screen comes directly from Chrome, so the 2FA functionality is part of the browser experience on Android.
To take advantage of the feature, you’ll need to have Chrome Sync enabled and sign-in on the two devices using the same Google account. The latter makes sense, of course. That’s the only way to verify the same person is using two nearby devices to access the same Google account.
It’s unclear when the Chrome 2FA functionality will be available to all Android users, but the discovery indicates Google is already testing it out in the wild. While the feature might be available on all Android devices that will run a stable version of Chrome 93 or later, there’s no telling when or if iPhone users will get a similar treatment.