Those who are looking for a more intensive security verification process than the usual 2-step model can now add in a physical key to the mix. Google has been the latest to join up with FIDO Alliance, in order to provide a USB powered key that uses the Universal 2nd Factor (U2F) protection method.
Google already has a standard two-step verification that sends a code to your mobile phone through a text message. That allows you to confirm an unfamiliar device, and gain access to your account if it has been locked for suspicious activity. But that can theoretically be bypassed, such as through cloning a phone and intercepting their text messages. It is a far way to go, but not impossible.