Google 2018 :
Phishing Attack: Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often malicious reasons, by disguising as a trustworthy entity in an electronic communication. The word is a neologism created as a homophone of fishing due to the similarity of usage a bait in an attempt to catch a victim. According to the 2013 Microsoft Computing Safety Index, released in February 2014, the annual worldwide impact of phishing could be as high as US $5 billion.
Security Keys are small USB stick devices (made by YubiKey) that function like two-factor authentication (2FA). In case of 2FA enabled, the user (or hacker) need more than just a username and password for access. A second factor is required, usually a secret number sent to a trusted telephone number by SMS, or a key generated by an authentication app like Google Authentication.
These measures help, but they come with their own downsides. SMS messages are far from secure and can be compromised by hackers. Authenticator apps are more secure, but are a hassle. Physical keys solve both the problems at once: There’s no transmitted code to intercept, no phone apps to fumble with, and no numbers to punch in at login. Instead, you pop the security key into the device and press a button.
Google’s promising results could help these keys gain the momentum for more widespread adoption. Yubikey’s Security keys operate on an open-source standard called Universal 2nd Factor (U2F), which is already supported by a number of companions and products such as Google, Dropbox, and Facebook, as well as browsers like Google Chrome, Firefox, and Opera.
Until this standard or one like it is supported near universally, Security Keys will remain a tool for early adopters and organizations particularly worried about security. One hopes the practice will spread because while the internet may have completely changed many of the ways we live, it looks like a physical key is still your best bet at keeping yourself safe.
Also see: Trick to find any serial key on google