.jpg) | |
| Common manufacturers | |
|---|---|
| Design firm | |
| Introduced | October 15, 2019 |
| Cost | US$25 -US$35 |
| Color | White |
TheTitan Security Key is aFIDO-compliantsecurity token developed by Google which contains theTitan M cryptoprocessor which is also developed by Google. It was first released on October 15, 2019.[1]
Depending on the features, the key costs $25-$35,[2] but Google has provided them for free to high-risk users.[3] It is considered a more secure form ofmulti-factor authentication to log in to first-party and third-party services and to enroll in Google's advanced protection program. In 2021, Google removed theBluetooth model due to concerns about its security and reliability.[2]
In November 2023, Google announced a v2 modelpasskey with FIDO Authenticator Certification Level 1 support.[4][5]
The Bluetooth "T1" and "T2" models initially had a security bug that allowed anyone within 30 feet to make a clone of the key.[6] The security firm NinjaLab has been able to extract the key using a side channel attack.[7] In 2019, Google has put abug bounty up to US$1.5 million on the Titan chip.[8]
Newer versions and model numbers include:[9]
1. USB-A/NFC (K9T)
2. Bluetooth/NFC/USB (K13T)
3. USB-C/NFC (YT1)
4. USB-C/NFC supporting U2F and FIDO2 (K40T)
While none of these included publicly disclosed security vulnerabilities, Google has discontinued selling Bluetooth versions of the keys in August 2021,[10] although Bluetooth keys continue to work with their warranties honored.[11]
