Chromebooks gain native support for 2FA and faster web sign-ins with Chrome OS 88

A few years back, I bought a Google Titan security key to bring the added security of two-factor authentication (2FA) to my Chromebook. I got my money’s worth out of it but I won’t need it much longer. This week, Google announced that Chromebooks are gaining the ability to use your device PIN or fingerprint sensor for 2FA on supported web sites.

Here’s how it works, according to Google:

“Now you can securely sign in to websites with the PIN or fingerprint you’ve set up to unlock your Chromebook with our new Web Authentication (WebAuthn) feature. Websites that support WebAuthn will let you use your Chromebook PIN or fingerprint ID—if your Chromebook has a fingerprint reader—instead of the password you’ve set for the website. And if you use 2-Step Verification to sign-in, your Chromebook PIN or fingerprint ID can be used as the second factor, so you no longer need to pull out your security key or phone to authenticate.”

For now, only a few sites and services support the new WebAuthn feature on a Chromebook. Dropbox, GitHub, and Okta are specifically mentioned, although I’d hope that Google’s own services support it too at launch.

This is a great step forward for additional security when using a Chromebook. Having a USB or Bluetooth key, which are older methods, certainly works, but they’re also easy to lose.

And while you can often use an authentication app (or the Google app) from your phone, that can be a small hassle too. What if your phone isn’t handy? Frankly, using the same device for a 2FA code or fingerprint scan is much simpler and faster.

Google says the new feature will be rolling out with Chrome OS 88, which I anticipate will arrive on Chromebooks soon.

My advice: Use 2FA for every site or app that supports it. If someone were to get any of your account credentials, they still couldn’t access your accounts without that second factor of authentication. Google just made it easier for you to be protected and harder for hackers to compromise your online servers. Why not take advantage of it?

2 thoughts on “Chromebooks gain native support for 2FA and faster web sign-ins with Chrome OS 88

  • January 29, 2021 at 6:34 am
    Permalink

    It’s not “2FA” if you’re using one device–really it is “two-step authorization.” What happens when you want to log in to one of these websites when you don’t happen to do it with your Chromebook?

    Reply
    • January 29, 2021 at 9:55 am
      Permalink

      I understand your point but… how is this any different from using a phone app that requires a 2FA code so you open your auth app to get the code on the same device?

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.