For some reason I've so far been completely unable to use my #SoloKey over NFC on my phone (#Pixel 8 Pro running #GrapheneOS). The YubiKey NEO works fine for #U2F if I have #Bitwarden autofill disabled, but scanning the SoloKey always just brings up the SoloKey web page. Doesn't work for #passkeys either.

The SoloKey also only works for U2F on my laptop, because I use LibreWolf, and Mozilla is too busy wasting their time on AI to implement security features like PRF.

Continued thread

**EINGFOAN** @eingfoan@infosec.exchange · Jun 8, 2023 *

Jun 8, 2023 *

EINGFOAN @eingfoan@infosec.exchange

updated #fido2 #fido #securitykey #comparison draft Version 0.8

#yubikey #nitrokey #gotrust #feitian #solokey #titan #google
#mfa #u2f

@Fr333k @matthegap @shellsharks @FritzAdalis
@heisec

If updates are needed Post a reply here

Credits to

https://medium.com/webauthnworks/sorting-fido-ctap-webauthn-terminology-7d32067c0b01&sa=D&source=editors&ust=1686248837634831&usg=AOvVaw1RNctynoDjZdGOtR_n3KPm

https://fidoalliance.org/specifications/&sa=D&source=editors&ust=1686248837635017&usg=AOvVaw1j45hHJTnxzwWfT7VRfWK6

https://doubleoctopus.com/blog/standards-regulations/your-complete-guide-to-fido-fast-identity-online/&sa=D&source=editors&ust=1686248837635116&usg=AOvVaw3wIncGqheQ1koX9LV9-KED

**w4tsn ~>** @w4tsn@darmstadt.social · Mar 11, 2023 *

Mar 11, 2023 *

w4tsn ~> @w4tsn@darmstadt.social

TIL: es gibt tatsächlich Banken die #FIDO2 unterstützen

Na @glsbank, wann kann ich meinen #YubiKey / #SoloKey bei euch als zweiten Faktor verwenden?

https://www.marchfelderbank.at/internetbanking/haben-sie-fragen-/fido2-token

FIDO2 ist ein Multi-Factor-Authentication (#MFA) Standard, welcher auch Password-less Authentication erlaubt. Da es ein offener Standard ist kann eine Vielzahl von Lösungen damit als zusätzlicher Faktor statt klassicher TANs eingesetzt werden.

https://www.it-finanzmagazin.de/fido-banken-retter-in-der-sca-not-100145/

https://www.marchfelderbank.atFIDO2-TOKEN | Marchfelder BankFido2-Token - ein weiterer Schritt zum einfachen Login ins Marchfelder Internet Banking.

Replied in thread

**Administrator** @admin@endtimebelievers.com · Jan 15, 2023

Jan 15, 2023

Administrator @admin@endtimebelievers.com

@vmstan I ordered a #SoloKey a month or so ago. It's an Open Source key. Still waiting for it to arrive. Can't wait to try it out.

**Jorval** @jorval@chaos.social · Feb 8, 2022

Feb 8, 2022

Jorval @jorval@chaos.social

Liebes #fediverse
Ich möchte meinen #fido2 #solokey gegen eine Lösung ersetzen in der ich auch meine #ssh #gpg etc. Keys speichern kann und der auch noch #otp macht.

Ich bin damit bei #onlykey (onlykey.io) gelandet aber naja die webseite sieht etwas amazon mäßig aus. Hat jemand so einen key und kann mit mir seine erfahrungen teilen?

alt: yubikey oder nitrokey

gerne boost und vielen dank für die #followerpower #askfedi

**LucifarGundam** @lucifargundam@qoto.org · Jul 25, 2021

Jul 25, 2021

LucifarGundam @lucifargundam@qoto.org

@nick @torproject @briar
My bad- I haven't had my coffee yet and misunderstood.

As I still wake up, speaking from a pinephone user perspective:::
- A fully #encrypted #filesystem, with optional support for hardware key (like #solokey, or #nitrokey) #decryption
++Not sure about hw key, but encrypted fs is relatively easy on most Linux distros
- NO #Fingerprint Scanner or #Biometrics at all
++#pinephone doesn't have that at all
- #NFC that can only be toggled on temporarily, and automatically shuts off after X amount of time
++Probably a feature to be released in the near future
- #Bluetooth 5+ with #A2DP; #AptX and #BLE with a more security focused method of #authentication
++From the wiki "Bluetooth: 4.0, A2DP"; could probably swap it out though.
- All internet connections routed through @torproject (or something similar), with a #killswitch if the connection is dropped
++Maybe configure a distro to do so? I know there's various killswitches on the back.
- Privacy focused #browser with something like #SSL Everywhere; #WebRTC and JS disabled by default, with easy toggle for "trusted" websites, which would allow JS and Video etc
++Never tried this specific setup myself-ill have to give it a go.
- #Decentralized messaging; voice chat; video conferencing; forums and blogs, like where #Briar is being taken by @briar (though the voice; video and other creature comforts are as yet unavailable)
++I used #fractal as well as ssh into my personal communication server
- No closed source Modem/Wifi/Bluetooth binary blobs
++Iirc, pinephones modem is open.
- Securely Containerized SMS/MMS
++Sms/mms is still unstable but working
- Password Manager with support for #OTP; #TOTP and #Fido2
++I keep being referred to bitwarden. Not sure if this applies.
- #GPS #Spoofing by default
++Not aware of any mobile distro doing this be default
=======≠===≠=≠================≠===≠===≠==
I would like to see more Linux phone options/development out there in the wild...