Try Solokeys https://solokeys.com v2 is open source USB-C and NFC compatible work with FIDO and web Auth. Source: about 1 year ago
SoloKeys[0] are one alternative [0] https://solokeys.com/. - Source: Hacker News / about 1 year ago
Also take a look at solokeys. They are very affordable and support FIDO2 and FIDO U2F -- meaning they have overlapping protocols with Bitwarden, and they certainly work on Google. Source: about 1 year ago
You might want to check out https://solokeys.com/ then. They're pretty new (shipping for about a year) but they do full FOSS firmware & software as well as most hardware being FOSS as well. - Source: Hacker News / over 1 year ago
Yubikey is always recommend but solokey is open source. Source: over 1 year ago
No you do not need to use anything proprietary to use WebAuthn. There are open source software[0] and hardware keys[1]. [0]: https://github.com/psanford/tpm-fido [1]: https://solokeys.com/. - Source: Hacker News / over 1 year ago
> Something that makes the key unique is the fact that both its software and hardware are open source Aren't SoloKeys [1] also open hardware and software? Or is the Tillitis key more general purpose and thus not in the same category? [1] https://solokeys.com/. - Source: Hacker News / over 1 year ago
Are you familiar with https://solokeys.com/? - Source: Hacker News / over 1 year ago
There's also a cheaper Solokey that's about $20-25... It's open-source too, but YMMV with user-friendliness. Source: over 1 year ago
Snark aside though, there is SoloKey which is an open source hardware implementation of CTAP and more. Suffice it to say these things take a lot of work to create. Source: almost 2 years ago
It's still too early for Rust in the embedded space. A lot of that space has various certification requirements that Rust doesn't meet yet, and the rest of the space tends to follow too and is very conservative. Ferrous Systems is making some good progress to make certification of Rust happen, through ferrocene[0] and other initiatives, but it will take time. The only company I know using Rust in a sort-of... - Source: Hacker News / almost 2 years ago
There is actually at least one fido2 device that supports backing up (mostly), based on this spec from Dicekeys https://github.com/dicekeys/seeding-webauthn Solokeys (https://solokeys.com/ - v1, don't think the newew v2 does) have a special firmware version that implements this and allows you to use a custom seed - and as such restore a key from it. It only works on non-resident credentials (most commonly used, as... - Source: Hacker News / almost 2 years ago
As you can see this is a steep learning curve. If your interest is in learning about smartcards then it will be a rewarding challenge, however if you just want to log into Windows your best bet is to buy a FIDO-enabled smart card from somewhere like here. Most consumer FIDO tokens are sold as USB devices, not smart cards so your options are a bit limited. If you don't mind not using your built-in reader and want... Source: almost 2 years ago
One of hardware key standards, used in Yubico keys and elsewhere. I.e. You plug it in USB port and it can unlock your PC, login into Github and such. Source: almost 2 years ago
I've considered adding FIDO2 support to the software-only U2F token I wrote ( https://github.com/danstiner/rust-u2f). It's a fair bit of work though, and I am not sure how comfortable I am with passwordless login unless the keys are kept purely in hardware such as a TPM. That said, my reading of this post is that FIDO2 support will get built into Chromium directly, which is itself open source. Or if you do want a... - Source: Hacker News / almost 2 years ago
There are a number of FOSS solutions. - https://github.com/google/OpenSK <- DIY solution - https://solokeys.com/ - https://www.nitrokey.com/ The issue with any FOSS solution is that FIDO requires an attestation private key which is shared between a batch of at least 100,000 security keys. Using a DIY or cli app (application running on the host) solution will likely mean you'll be generating that private key... - Source: Hacker News / almost 2 years ago
Solokeys should be added to Hardware Security Keys. It's also open source like NitroKey. Source: almost 2 years ago
Was surprised to see https://solokeys.com/ does not... Source: about 2 years ago
But a opensource Solokey will be worth it. Thats an open source FIDO2 key. Only costs half of what the closed sourced yubikey costs. Source: about 2 years ago
Why not use something like this with the authenticator app as a second method? Source: over 2 years ago
Yubikey hardware is a black box. Better to use Open Hardware for security. https://www.nitrokey.com or https://solokeys.com. Source: over 2 years ago
Do you know an article comparing SoloKeys to other products?
Suggest a link to a post with product alternatives.
This is an informative page about SoloKeys. You can review and discuss the product here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.