How to use your iPhone as an encrypted Google security key

Lock down your account without carrying around an extra device.

Credit: IDG

Android users have been able to use their phones as Google security key for a while now, and now Google is finally making good on the promise to bring the same functionality to the iPhone. An update to the Google Smart Lock app this week turns your iPhone into an honest-to-goodness FIDO2 key, using the Secure Enclave to skip SMS and keep your accounts safe.

It only works with Google accounts so far, but it’s a great tool for security-minded users. Instead of relying on one-time passwords delivered over SMS, you’ll be able to use your iPhone to log into your account on another PC, Mac, or iOS device quickly and securely without spending money on a separate hardware key. This method doesn’t work on Android phones and any browser activity will need to be done using Chrome. Any iPhone with a Secure Enclave will work, which is any phone after the iPhone 5S. (It's unclear if the iPhone 5S supports the feature, as it packs a Secure Enclave but doesn't support iOS 13.)

google smart lock iphone IDG

Setting up your iPhone as a security key takes just a few taps.

Obviously, you’ll need to have two-factor authentication (2-Step Verification here) turned on for your Google Account to take advantage of the extra layer of security, so if you don’t, go do it now. Once that’s set up, here’s how it works:

  1. Download or update the Google Smart Lock app from the App Store
  2. Log into the account you want to use as a security key
  3. Follow the prompts to set up your phone’s built-in security key
  4. Tap Manage Accounts and select your security key-enabled account
  5. Select the Security tab on the next screen
  6. Tap 2-step Verification
  7. Scroll down to Your second step
  8. If your iPhone isn’t there, tap Add Security Key and select your phone from the list

And that’s all you need to do. Now when you sign into a Google service on a new device, you’ll be able to use your iPhone to authenticate your account.

google account security key IDG

Once you go through the set-up process, your iPhone will appear alongside any security keys you have linked to account.

As long as they’re within Bluetooth range (and Bluetooth is turned on for both accounts), you’ll get a prompt on your iPhone when signing into a Google account on a new device, and you’ll be able to quickly verify that it’s you without the fear of someone stealing your texts. And if you forget your iPhone, you’ll still be able to select SMS as an option or use an Authenticator app by choosing “Sign in another way.”

Show Comments