Cheap FIDO2 USB

Last Modified: Tue, 01 Jul 2025 15:32:54 +0000 ; Created: Mon, 17 Feb 2025 19:34:26 +0000

I was looking for any way to have a FIDO2 USB security key that cost under $10. I found this project https://www.picokeys.com/pico-fido/ which seemed neat.

Hardware Option: LilyGo T-Dongle S3 (ESP32-S3)

I tested it with a LilyGo T-Dongle S3 USB device (ESP32-S3) and flashed the firmware. It worked! I could set a PIN on the device and enroll the FIDO2 key. Pressing the button on the device worked to authorize the key to test WebAuthN sites.

Cons:

  1. One device with shipping costs $25. There is a direct from OEM version without a display for $11 (plus shipping/tax).
  2. It does not have a secure enclave for the secrets
  3. No NFC support
  4. Bluetooth existed but was not an option (no battery power)

Hardware Option: Raspberry Pico 2

The project also supports the Raspberry Pico 2. I did purchase some, and it does have Secure Boot and Secure Lock options for the firmware.

Cons:

  • The secure enclave is not well vetted yet with security testing
  • Requires getting (or 3D printing) a case with existing push-button notch support/li>
  • OEM version comes with a micro-USB port so a cable or soldered adapter is required
  • No NFC support
  • Larger form factor

Cost:

Not including shipping + tax
  • $5 for Pico 2
  • $1 for a 3D self-printed case (link)
  • $4 for a cable from micro-USB to lightning or USB-C or USB-A
Adding in shipping pushed over the $10 goal. Also the lack of NFC means more work to connect to tablets or phones (OTG adapter). It could be a handy backup key though that you store somewhere safe.

Summary

For around $19 you can get a USB security key with NFC and a smaller footprint. The Pico Fido project is cool and might make a good HSM for local dev work, but for FIDO2 security keys using a commercial product (or your smartphone) is still cheaper. It'd be nice to see a USB+NFC key that only cost $5 since it can offer better security than smartphones. A $5 price point would make it economical to replace if lost (just like house keys).

Still going to keep looking for high security USB keys that cost little.