Last Modified: Mon, 17 Feb 2025 19:34:26 +0000 ; Created: Mon, 17 Feb 2025 19:34:26 +0000
I was looking for any way to have a FIDO2 USB security key that cost under $10. I found this project https://www.picokeys.com/pico-fido/ which seemed neat.
I tested it with a LilyGo T-Dongle S3 USB device (ESP32-S3) and flashed the firmware. It worked! I could set a PIN on the device and enroll the FIDO2 key. Pressing the button on the device worked to authorize the key to test WebAuthN sites. Cons:
Another OptionThe project also supports the Raspberry Pico 2. I did not have one, but it appears to have Secure Boot and Secure Lock options.Cons:
Cost:Not including shipping + tax$5 for Pico 2 $2 for a 3D printed case $4 for a cable from micro-USB to lightning or USB-C or USB-A Adding in shipping pushes over the $10 goal. Also the lack of NFC means more work to connect to tablets or phones. SummaryFor around $19 you can get a USB security key with NFC and a smaller footprint. The Pico Fido project is cool and might make a good HSM for local dev work, but for FIDO2 security keys using a commercial product (or your smartphone) is still cheaper. It'd be nice to see a USB+NFC key that only cost $5 since it can offer better security than smartphones. A $5 price point would make it economical to replace if lost (just like house keys).Still going to keep looking for high security USB keys that cost little. |
|