Google Wants You to Log In Using a USB Key.
Activating two-step verification is generally a good way to keep your online accounts safe, but security diehards will be the first to tell you that it's still prone to compromise. A USB security key is a more thorough precaution, and Google now supports them. If you use the Chrome browser and work primarily on a computer, a Google-enabled security key can help keep your data right where it belongs.
Google revealed the news in a blog post from Nishit Shah, a product manager at Google Security. As long as you have a security key that supports FIDO Universal 2nd Factor (U2F), you can use it instead of a verification code texted to your mobile device
Setting up and using a security key is generally very simple: Just insert it into your computer, set it up as per the device's instructions and activate Google's two-step verification. Thereafter, whenever you want to sign into your Google accounts from a new device, you'll be prompted to insert the security key rather than enter a secondary code. This is less cumbersome than waiting for a code, provided, of course, that you don't lose the key
Using a USB key for two-step verification is arguably more secure than using a mobile phone. A malefactor can't set up or modify the process remotely, USB sticks are less prone to theft than smartphone and the USB key verifies that it's really connecting to Google instead of a phishing site.
However, the process does have a few drawbacks. USB sticks won't work with most mobile devices, so a security key is better-suited to those who prefer accessing their Google accounts via computers. Google's two-step verification also works only with Chrome, so Firefox and Internet Explorer fans may want to stick with mobile codes.
Everyday users are probably better off with mobile two-step verification than security keys, but the option exists. Whatever you do, though, don't lose your USB security key; it's a bit like losing the keys to your house, and just as difficult to replace.