According to a recent research paper, Google's two-factor Titan Security Keys are vulnerable to an attack, ultimately resulting in key duplication or cloning. That comes courtesy of a so-called side-channel vulnerability in the chip powering the 2FA key itself, and it requires login credentials, physical access, full disassembly of the key, hours of work, estimated thousands of dollars resources and equipment to reverse-engineer its cryptographic key, and which would be foiled by U2F standards over the long-term anyway. In short: There's not much for most of our readers to worry about.

Read More