Google's Advanced Protection Program adds support for iOS security keys

Alonzo Simpson
January 16, 2020

Android phones have had this feature for months, but now iPhone owners can also use it.

Google's Advanced Protection Program (APP) is designed for users who face higher security risks than others such as politicians, business executives and journalists. Until now, though, you were required to consign two security keys in order to get those extra safety measures and only one of them could be an Android phone.

This comes after Google also made using the security key built-in Android phones running Android 7.0+ (Nougat) generally available last year, and previously allowing iOS users to verify sign-ins into Google and Google Cloud services with the help of Android phones set up as security keys.

When the time comes to log into a Google app or service, a push notification will be sent to your iPhone. Those requirements seem to have changed today as Google has started allowing iOS devices to act as keys and letting users enroll into the program with just their mobile device, no backup key needed.

Click Add security key Select your iPhone Add.

Ex-Trump aide Michael Flynn seeks to withdraw guilty plea
Flynn's cooperation in the Rafiekian prosecution is at the center of the dispute that led to the withdrawal of the plea. Those attorneys have raised repeated misconduct allegations against the government - which a judge has since rejected.


Note that you can only log in on a Chrome browser, and of course need have Bluetooth enabled on both your phone and second device in question.

In a step to improve account security, Google has updated its iOS app so that iPhones can be used as security keys for two-factor authentication.

Follow the on-screen instructions and turn on your iPhone's built-in security key by tapping Yes, I'm in when prompted to in the Smart Lock app.

Using hardware security keys exclusively for account access is a very effective way to stop phishing attacks completely, a study published by Google in May past year showed.

Two-factor is not a foolproof method to duck from hacking attempts, but it is better than not having two-factor authentication at all.

Other reports by

Discuss This Article

FOLLOW OUR NEWSPAPER