The Titan Security Key is designed to help users protect themselves against phishing attacks and account takeover by using FIDO standards for two-factor authentication (2FA). The product uses cryptography to verify the user’s security key and address when they log in to their account.
The problem impacts the Bluetooth Low Energy (BLE) version of T1 and T2 Titan Security Keys; USB and NFC security keys are not affected. Google has set up a page where users are informed whether or not they have any impacted security keys connected to their Google account.
The security issue, described as a misconfiguration in the Titan’s Bluetooth pairing protocols, was reported to Google by Microsoft.
Leave a reply
