Google is adding another layer of security for its service by introducing support for Security Key. Security Key is a physical USB second factor that only works after verifying the login site is truly a Google website, not a fake site pretending to be Google.
Rather than typing a code, you just insert Security Key into your computer’s USB port and tap it when prompted in Chrome. When you sign into your Google Account using Chrome and Security Key, you can be sure that the cryptographic signature cannot be phished.

Security Key and Chrome incorporate the open Universal 2nd Factor (U2F) protocol from the FIDO Alliance, so other websites with account login systems can get FIDO U2F working in Chrome today.

Security Key works with Google Accounts, but you’ll need to buy a compatible USB device directly from a U2F participating vendor.