Just wanted to add since I didn't see this covered in other comments yet --
TOTP and any sort of one time code authentication are just as phishable as passwords. Perhaps the biggest benefit for most people using U2F or FIDO2, is the large resistance to phishing.
This is because of how the whole ecosystem has adopted FIDO2. When a FIDO2 key signs an assertion for a website, it includes the domain in the signature base, e.g. "example.com". The browser enforces that the request to the FIDO2 key always uses the correct name of the domain you're on.
If you accidentally go to a fake website, "exaample.com", then the key will make a signature for "exaample.com", which is invalid for "example.com". Nothing can be phished to get around that, unlike OTP codes.
Even if you have other 2FA options linked to your account, as long as you're using your FIDO2 key, you gain this benefit. Very strong benefit for both individuals and enterprises.
> If you accidentally go to a fake website, "exaample.com", then the key will make a signature for "exaample.com", which is invalid for "example.com".
This actually isn't true - the result is even better.
When you visit fake.example instead of real.example there are two scenarios: For FIDO2 (like this product) with usernameless mode, just as with a modern iPhone or fancy Android with fingerprint reader, the authenticator knows perfectly well that you've never registered at fake.example so, you can't very well authenticate to it, you get an error.
With FIDO1 (or on sites that don't use the usernameless feature anyway) the authenticator has no idea you've never visited fake.example... but the site has to hand over an opaque ID, a large binary blob. This is (either directly or in effect) actually your private key, encrypted in AEAD mode using a symmetric key known only to your authenticator. Another ingredient to this encryption is the domain name. So either fake.example hands over a random blob, which is gibberish, or they hand over a genuine real.example blob... but they're fake.example so the decryption fails. You get an error.
The way I found this out was by trying it, I built a toy site with WebAuthn authentication. If I run the same code, on another site I own, it gets an error in the Javascript telling it that apparently I don't yet have a Security Key enrolled for this site, maybe it should enroll me first. If I tell it to pretend it's a different site, it gets an error saying no it isn't.
[ The bad guys could enroll you, but now you're really signing into their web site. Which is cool, but, doesn't actually help them phish credentials for the other site ]
I look at it like nothing < SMS 2fac, app OTP, fido2.
Every layer buys you a little bit (or a lot) more, raising the skill level and/or cost. Fido2 is much harder to phish but of course weaknesses may be found in the future.
I wrote pass-otp because I want to use a hardware token everywhere, not a TOTP secret that can be duplicated. The number 1 complaint I get is that I'm defeating the purpose of 2FA.
The epoxy can't be physically removed without great risk of ripping off the electronics on the underlying circuit.
The epoxy can be chemically dissolved, but would deteriorate the outside of the device as well. It the epoxy isn't completely cleaned out, then refilling it with new epoxy would look messy. With great care and skill, it could be done with little damage, but would be time consuming.
To add to this, we would like to be able to run open source & update-able code and leverage EAL certified secure elements. Chips like the SE050 have recently come on the market and will likely end up on our products eventually.
If ED works with ssh, I'm very interested and I'll buy a few as long as price isn't outrageous - I don't mind supporting development. I have a couple of somu, but ed25519 didn't seem to pan out (haven't tried).
Personally, I would prefer flush mount and/or tactile buttons, but NBD.
Hope they will be available on other than kickstarter, as I never got it to work, with all their tracking and what-not.
Did I guess right what "reversible" means? Maybe the page should actually say, so readers are not obliged to guess.
My first thought was that it had USB-C on one end and USB-A on the other. But studying the pics did not confirm that.
Reversible refers to the plug. USB-C is of course reversible, and USB-A also is.
There’s no constrain on the number of keys. You can use 1 device with unlimited sites, both v1 and v2, because keys are generated on-the-fly and not stored.
(There’s a limit on number of resident keys, and we supported 50 in v1, while for example yubikeys support 25. So far these are rarely used, if ever.)
No, it's incorrect. Do you have a link so we can fix?
Somu can store 50 resident keys exactly like Solo v1, as it has exactly the same MCU. In both there's a single master secret that's used to derive the (non-resident) keys. That's the only thing that's unique.
Like what others mention, it really depends on documentation from the vendor for the chipset you're working with. I mainly copied and pasted code from a form post by the vendor.
