Open SystemOfTheCSGO opened 1 year ago
Hello, got a few questions about the build that you are using, is that corporate build or any beta version by any chance?
The key for MS products like Windows, O365 needs to be FIDO2, as far as I know flipper is FIDO1. Any chance for FIDO2 on flipper hardware?
The key for MS products like Windows, O365 needs to be FIDO2, as far as I know flipper is FIDO1. Any chance for FIDO2 on flipper hardware?
I feel like it would be a security risk, especially since FIDO2 is usually a passwordless login. Definitely safer to get a separate security key for it.
We'll try to pack it in future updates.
We'll try to pack it in future updates.
Any news?
Not really, plans are to complete NFC refactoring, then BadUSB/BadUART, and then U2F/FIDO.
Any news? this would help me out since now i need this for U2F on work repos
i am also interested in this
Hey there. I can help with developing U2F/FIDO :) But I don't know how work U2F in Windows :(
I just wanted to chime in and say that I'm really looking forward to FIDO2 on the Flipper as well.
Adding NFC support to the U2F/FIDO app would be extremely helpful, too, since I authenticate from an iPhone more often than a laptop/desktop at this point.
Does the Flipper (even with XFW) really not support FIDO2? It does not work on my iPhone via lightning cable I‘m so disappointed like tf
Not really, plans are to complete NFC refactoring, then BadUSB/BadUART, and then U2F/FIDO.
From what I see searching around the repo, NFC refactoring has been completed, I may be wrong and/or misinterpreted, I'm not sure about whether BadUSB/BadUART has been, but if so, is FIDO2 support still in the pipeline?
In a long term FIDO2 is on the roadmap. But right now no one is working on it and we also'd like to have proper secure enclave before going further.
Describe the enhancement you're suggesting.
The current module of security key U2F is not supported by windows.
Reproduction
Use the firmware as usual, get a clean install of windows 11, try to link the security key from flipper to windows, you will get a error: this device is not certified.
Anything else?
This can be bypassed emulating headers of a certified key. (I’ve seen it done before, at least a homemade microsoft certified’ seckey.)