If the password isn’t dead, it ought to be, shout headlines. Security experts almost universally despise the use of the password as almost the only form of end-user authentication, but there simply aren’t that many alternatives.
Google, however, is dipping its toes into this particular pool with an announcement that admins can provide employees with physical security keys with Google Apps for Work, managing access and tracking usage from a centralized security console.
Once enrolled, the USB key can be authorized or de-authorized remotely, in the case of lost or stolen keys, or if an employee is terminated, and logins using a particular key can be tracked over time and by location.
Early access users include Yelp and Woolworths, and Google said that the key management service will become generally available to Apps for Work users for no additional fees “in the coming weeks.”
The physical code-key isn’t exactly an entirely new concept – it’s been around in online gaming for some time, and Google already offers a USB key for authenticating personal Google accounts. Additionally, more and more services are using two-factor ID, generally by sending a verification code to a user’s smartphone. But the introduction of management tools for dedicated USB keys could prove a small but important advantage for Google’s growing enterprise presence.
This story, "Cranking up Google Apps for Work, using an actual key" was originally published by Network World.