Titan Security Key

The Titan Security Key is a FIDO-compliant security token developed by Google which contains the Titan M cryptoprocessor which is also developed by Google. It was first released on October 15, 2019.

Features
Depending on the features, the key costs $25-$35, but Google has provided them for free to high-risk users. It is considered a more secure form of multi-factor authentication to log in to first-party and third-party services and to enroll in Google's advanced protection program. In 2021, Google removed the Bluetooth model due to concerns about its security and reliability.

In November 2023, Google announced a model with passkey support.

Vulnerabilities
The Bluetooth "T1" and "T2" models initially had a security bug that allowed anyone within 30 feet to make a clone of the key. The security firm NinjaLab has been able to extract the key using a side channel attack. In 2019, Google has put a bug bounty up to US$1.5 million on the Titan chip.

Newer versions and model numbers include:

1. USB-A/NFC (K9T)

2. Bluetooth/NFC/USB (K13T)

3. USB-C/NFC (YT1)

4. USB-C/NFC supporting U2F and FIDO2 (K40T)

While none of these included publicly disclosed security vulnerabilities, Google has discontinued selling Bluetooth versions of the keys in August 2021, although Bluetooth keys continue to work with their warranties honored.