Google is beta testing Android phones as Bluetooth-based two-step verification tokens

Two factor authentication is one of the best ways you can secure your online accounts against misuse by those who might compromise your passwords. Unfortunately, convenience is key and if 2FA isn’t easy to use, the research tells us people simply don’t bother – and put themselves at risk.

We think Google’s already done a pretty decent job at enabling good 2FA practices, with the Google Prompt on your phone, authentication codes from Google Authenticator and more. However, Google is looking at ways to use your Android phone as a Bluetooth security key for much more applications.

The company recently paved the way for more Bluetooth-equipped devices to be recognized as security keys. This would make the Android phones that people carry every day a very convenient physical key to own, without having to carry something extra.

Anyone can try out the feature today – it’s supported on any Android device running Android 7 or higher. The feature is currently limited to accessing a Google account on the Chrome web browser through a Bluetooth-enabled Chrome OS, Mac, or Windows device. All users need is to make sure that same Google account is logged into a phone with Android version 7.0 Nougat or later.

You can sign in to access two-step verification settings at this link. Scroll down to the section labeled “Set up an alternative second step” and then click on the “Add Security Key” button. You will then be able to select an eligible Android phone to act as your Bluetooth-based security key — if you carry multiple phones on the daily, tough luck, you can only set up one Bluetooth key at the moment.

The next time you sign into your Google account with Chrome on a computer you don’t normally use, Google will prompt you to bring out the phone you chose as your security key. Make sure both devices have Bluetooth turned on, then follow the instructions on the phone’s display to authenticate your login.