Google's Bluetooth Titan Security Keys Have a Vulnerability, Free Replacement Offered

The security flaw doesn't affect Titan USB keys.

Advertisement
By Harpreet Singh | Updated: 16 May 2019 14:51 IST
Highlights
  • Google will offer a free replacement to all existing users
  • The security flaw affects only Bluetooth Titan security keys
  • An attacker must be in close physical proximity to exploit the flaw

Google Titan keys with 'T1' or 'T2' will be replaced for free

Photo Credit: Google

Google released a security advisory on Monday that says a security bug exists in the company's Bluetooth Titan Security Key. The flaw could potentially enable someone to gain access to a user's account or device while remaining in close physical proximity. The tech giant claims this is a result of a 'misconfiguration' in the keys' Bluetooth pairing protocols, however, the keys are still great at protecting users against phishing attacks.

Google will offer a free replacement key to all existing users. The issue is limited to the Titan Bluetooth keys which means if you're using the Titan USB keys, you shouldn't be worried. Google sells its Titan Bluetooth keys for $50 (roughly Rs. 3,500). To recall, Google's Titan Security Keys for two-factor authentication had been launched in August last year.

Advertisement

The company further explained in its security advisory that an attacker will need to be within Bluetooth range (around 30 feet) to exploit the security flaw. The attacker can only make use of the misconfigured protocol when a user presses the button on the Titan Bluetooth key to activate it. This way they'll be able to connect their device to the key before yours.

Since a user's security key must be paired with their device before it can be used, an attacker could also exploit this by using their device and masking it as your security key. But for all this to be exploited, the attacker must also know your credentials.

Advertisement

Google maintains that its Titan Bluetooth keys still protect users against phishing attacks and that users can still use them until the company ships a free replacement. In its announcement, Google claims physical security keys still offer the strongest protection against phishing. Users with 'T1' or 'T2' on their Google Titan Key are eligible for a replacement.

The company which makes Google's Titan Security Key, Feitian, has also issued a similar statement, disclosing the vulnerability as well as offering a free replacement for its users. The company also sells physical security keys under its own brand.

Advertisement

The vulnerability doesn't affect the recent feature on Android phones that can be used as a physical security key, apart from Titan USB keys.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Vivo T5 Lite 5G Will Launch in India on This Date
  2. BSNL Satellite Phone With Inmarsat Connectivity Launched in India
  3. Think Foldables Have Weak Cameras? This Phone Changed That in India
  4. OTT Releases This Week: Peddi, Ikka, Balti, Dose, The Westies, and More
  5. Dell's Pro Precision Workstation Lineup Debuts in India: See Price, Features
  6. HMD Arc 2 Introduced With Upgraded Chip and 5,000mAh Battery: See Price
  7. Netflix for Free? Here's How to Check If You're Eligible for a Free Trial
  1. Call of Duty: Black Ops and Black Ops 2 Ports Released on PS4 and PS5
  2. Bitcoin Holds Above $63,800 as Lower Oil Prices Lift Crypto Market Sentiment
  3. Apple's iPhone Ultra Tipped to Feature Near Crease-Free Foldable Display Using Novel Hinge Technology
  4. Vivo T5 Lite 5G India Launch Date Revealed Alongside Key Specifications, Features
  5. Sony IER-M500 In-Ear Monitors Launched With 5mm Driver, Hi-Res Audio: Price, Features
  6. Oppo Find N7 Leak Hints at Launch Timeline and Presence of 6,500mAh Battery, Snapdragon 8 Elite Gen 6 Chip
  7. Meta Unveils Muse Spark 1.1 AI Model With 1 Million-Token Context Window, Model API Preview
  8. Assassin's Creed Black Flag Resynced Becomes Biggest Steam Launch in Series' History
  9. Government Removes Import Duty on Some Electronics, Smartphone Parts
  10. HMD Arc 2 Launched With Unisoc T603 Chip, 5,000mAh Battery: Price, Features
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.