Heck yeah, FIDO2 devices are great for systems that support it. As you already said in a reply, make sure to set a device PIN.
The pin for a Yubikey has to be entered on a computer instead of on the device itself, but those devices are much more expensive since they have a touchscreen.
Yeah Ill buy multiple devices to play with. I just wanted to share that this was an option since lots of people still don't use these. Very reasonably priced.
Any other brands you have a recommendation for?
I found the Yubikey very difficult to use with a PIN. It worked okay without one but:
A.) That's not what I want, and
B.) Some systems won't accept devices that are not PIN protected
So I'd disrecommend them unless you extra money and want to play around with it to see if it'd work for your use case.
I haven't personally used a NitroKey, but I did verify that they really do publish their hardware schematics and code. I'd build one of my own, but they're so reasonably priced, I can't really justify that amount of time and effort for something I'm only moderately passionate about.
ahhhhh the fido alliance !!!
what can go wrong when u give : amazon, apple, google, microsoft, mastercard, ... u security key. They will make sure u r safe. After soo many years they are here for u.
If you think those are the only choices, you are truely ignorant.
Take a look at NitroKey, Terzor Model T, and the other open source hardware implementations and then get behind cryptographically secure authentication like the entire security community has been for years.
Fido and Fido2 have flaw, big flaw due to the thinking idea that: authentification should be easy.
Secure thing aren t easy to deal w.
If u are confortable loosing stuff to Fido alliance go ahead but know that u will lose stuff.
And if u want to call me ignorant go ahead. i think nobody attack nitrokey cause few use them. For the other group that use fido model. This year too, should prove that those model aren t reliable or secure.
