Two-factor authentication (or two-step verification) is a security feature that absolutely each and every one people should use regardless of the service we want to protect.

And since Google accounts in many cases are targeted by hackers who wish to steal users' credentials, the search giant has developed several techniques to safeguard user data, including multiple ways to prevent malicious sign-in attempts as well as the standard password.

As numerous people have no doubt about, physical security keys are pretty much the easiest method to protect accounts and, simultaneously, minimal prone to get hacked.

But because getting and taking advantage of a security key isn't truly the most convenient thing to do for consumers, Google embraced another approach and is now allowing users to convert their Android phone to such devices.

Quite simply, any Android phone should now be able to double as a security key, technically allowing users to allow or reject a sign-in attempt into their accounts.

Google says this option is specifically recommended for individuals the Advanced Protection Program, for example "journalists, activists, business leaders and political campaign teams who are most at risk of targeted online attacks."

However, anyone can use it, as the new feature supports for personal Google accounts and Google Cloud accounts at work.

There are several requirements to have an Android phone to play the function of the security key:
The device must be running Android 7.0 or newer
The account must use two-step verification
The PC must support Bluetooth and also the feature should be turned on
The PC should be running Windows 10, Chrome OS, or macOS
Location must be enabled
Google Chrome must be used for logging in

"How to set up the security key"

Because Android phones come with a security key built in, all you need to do is configure your Google account to use the smartphone for two-factor authentication.

First and foremost, ensure your phone is configured with your Google account that you would like to safeguard, and let two-step verification.

Next, on your PC running any of the operating systems mentioned above you have to sign in to your Google account. Select the Add security key option within the account settings in the following location:

Google account > Security > 2-Step Verification > Security Key > Add Security Key

Once you click this method, you have to choose the device that you want to double as a burglar key, and this is how you get to configure exactly the same Google account with an Android phone. When the account isn't configured on this device, you won't see it in the listing of phones that may be configured as security keys.

When you're completed with this configuration screen, you need to visit a message reading:

"Security key added. Your [phone name] security key was put into your bank account. When you sign in with 2-Step Verification, you will employ passwords as well as your [phone name]."

Next time you attempt to sign in to your account and your Android phone meets these requirement, you'll be requested to approve the attempt in your mobile phone. Once you approve the sign-in, you should be able to log in and access your bank account.

You can always change your settings, remove devices or add new ones to be used as security keys using the steps detailed above. Don't forget that the device should be Bluetooth-capable, otherwise the login authorization request won't be sent to your phone. Google hasn't revealed why exactly Bluetooth is required, however it must be turned on alongside with the location services on Android.