. https://lifars.com/2019/05/flaws-found-in-googles-titan-security-key/
blog article
Google recalled their Titan hardware security keys this week after discovering serious vulnerabilities. The vulnerability existed due to a misconfiguration in the keys, which allowed attackers to hijack the security keys. The Titan security keys are physical devices which offer two-factor authentication (2FA) for Google account users. When users try to access online services and have given their username and password, they can use the key for as a second password. This offers an extra layer of physical authentication for users. The keys work with Google accounts, as well as accounts that support the FIDO U2F standard for hardware keys. Google began offering two types of hardware keys in July 2018. A USB key, which plugs into a computer for authentication and a Bluetooth Low Energy (BLE) version which connects wirelessly to your computer for authentication. The vulnerability discovered by Microsoft found that the flaws existed in the Bluetooth version. READ MORE