If you want to add an extra security layer to your accounts, enabling two-factor authentication is a smart move. Most services offer SMS as a medium to deliver the two-factor authentication code. But we all know that phone numbers are easily spoofed, at least in the US. So, using a third-party authenticator like Authy (free) is always preferable. Even better is using a physical security key that plugs into your phone or computer. But, although physical security keys are more secure, they are cumbersome to use. That’s why, a new solution, where our phones are used as physical security keys, has become popular. With the latest update to Google Smart Lock app, now you can use your iPhone as a physical security key for Google Accounts. Here, we show you how you can enable Google Smart Lock on your iPhone.
Use iPhone as Physical Security Key for 2FA on Google Account
Before we proceed, let us get a few points out of the way. The new Google Smart Lock feature uses your iPhone’s built-in security key. This is different from Google Prompt which has existed for quite a while now. While these both share similar UI, they are different. Google Prompt uses login information saved on your phone to authenticate the login which is not as secure.
Using the new feature is akin to using a physical security key where your phone is acting as the key. It is incredibly secure and resistant to phishing attempts. It also means that your iPhone needs to be physically near (within Bluetooth range) the device that wants to log-in as the login prompt is not sent over the internet. It is using iPhone’s Secure Enclave found on Apple’s A-Series chips as the security key.
The last thing to know is it currently works only when you are signing into your Google Account using Google Chrome. Also, Bluetooth needs to be turned on both the login devices and your iPhone to get the activation prompt. With all that said, let’s get to the steps, shall we?
Steps for Enabling iPhone’s Built-in Security Key as 2FA on Google
Before you begin this process, remember to turn-on 2FA on your Google Account. For the security key to work, you need to enable two-factor authentication. To enable 2FA visit the Google Account Security Page and enable it. You can choose any of the options mentioned there (phone number, Google Prompt, etc.) as we are going to change it to the built-in security key using the steps below.
1. Download the Google Smart Lock app (free) from the App Store. If you have the app installed, update it to the current version.
2. Launch the app and tap on the “Get Started” button. It will automatically prompt you to set up your iPhone’s built-in security key. Tap on “Yes, I’m in” button to proceed.
3. On the next page, allow Bluetooth access by tapping on the Allow button and then confirming it.
4. Similarly, allow notifications.
5. Now, Google will ask you to log into your Google Account. Enter your password to proceed.
6. Tap on Next and then Google will start verifying your iPhone. Once your phone is verified, tap on your iPhone’s name to complete the process.
Stuck at Verifying Error?
For some users, the setup process might get stuck (step 6). The reason is that you have not set-up two-factor authentication on your Google Account. As I said at the start, you need to enable 2FA on your account before you can use your iPhone’s built-in security key.
Does it Only Work with Google Chrome?
The short answer is yes, you will not be able to use this feature on Safari. So, if you are using Safari as your primary browser, you should not enable this feature. That being said, Apart from Google Chrome, I tested this feature on Brave (download) and Mozilla Firefox. The login attempt worked on the former but not on the latter. This says to me that any browser with the Chromium Engine should work with this feature. So, if you are using browsers like Opera, Vivaldi, Epic, and more, that are based on chromium, this feature should work.
iPhone as Google Security Keys for 2FA: Final Thoughts
I love this new addition to use iPhones as a security key for Google Account. This improves the security of my Google Accounts. The only drawback is that it won’t work with Safari (try cool Safari extensions) or Mozilla. That is going to be a big problem for a chunk of Mac users. I am hoping that Google will start supporting these two browsers to give everyone a chance of securing their Google accounts.