Google Smart Lock app gets update on iPhone to boost security

A new way to protect your Google accounts.

Eli Blumenthal Senior Editor
Eli Blumenthal is a senior editor at CNET with a particular focus on covering the latest in the ever-changing worlds of telecom, streaming and sports. He previously worked as a technology reporter at USA Today.
Expertise 5G | Mobile networks | Wireless carriers | Phones | Tablets | Streaming devices | Streaming platforms | Mobile | Console gaming
Eli Blumenthal
2 min read

Google is adding another way to protect your Google Account through an iPhone. 

James Martin/CNET

In 2020 having two-factor authentication on your accounts won't completely protect you from all risks, but it can help. Having codes sent to your phone via text message is better than nothing, but SIM swap attacks-- where someone tricks your carrier into giving them a SIM card with your number -- have shown the vulnerabilities there.  

To help boost security, Google has updated its Google Smart Lock app for iPhones that turn your iOS device into a physical security key when logging into Chrome. Already available for Android, the new option allows you to use your iPhone to ensure that it really is you logging in. It also allows the phone to become enrolled in Google's Advanced Protection Program. (Google also sells physical Titan Security Keys that perform a similar function.) 

Google's Smart Lock in action. 


Unlike the Google Authenticator app, which provides an ever-changing six-digit pin that updates every 30 seconds, the Smart Lock app doesn't require you to have to manually enter a key to log in. Instead, it uses notifications and Bluetooth (as opposed to the internet) to verify your identity. 

Setup is fairly simple. Download the free app, enable Bluetooth and notifications and log into your Google Account. When you sign in from another device you should now receive prompts alerting you to confirm the log-in. 

Bluetooth needs to be enabled on both the iPhone and the tablet or computer you're logging in on for this to work, and this, for at least right now, will only work when logging into Google's Chrome browser. 

If you're logging in through a different browser or app you'll still need to confirm your attempt through a different method such as a text message or Google Authenticator pin code or by tapping "yes" in the official Gmail app on your phone. Google also recommends having a "backup security key to your account and keeping it in a safe place," just in case you lose your phone.