Android Phones Turn Into FIDO2 Keys for Google Logins, Replacing USB Tokens

5 articles · Updated · MUO - MakeUseOf · Jun 1

Google account users can now sign in without passwords by using an Android phone as a FIDO2 credential, approving access with a fingerprint, face scan, or screen lock.
The setup stores a private cryptographic key in the phone’s secure hardware—such as Titan M2 on Pixel or Knox Vault on Samsung—while websites keep only the matching public key.
On a new device, Google presents a QR code; scanning it with the enrolled Android phone and authenticating locally completes the login without entering a password.
USB security keys still matter for people who want one dedicated physical token across many accounts, but for most users a phone-based passkey offers the same core protection with less hassle.

Your phone is the key to everything. What happens to your digital life if you lose it?

By killing passwords, are we handing the ultimate keys to our digital lives to Big Tech?

Your login is secure, but can hackers still hijack your accounts in plain sight?