this post was submitted on 26 May 2024
55 points (100.0% liked)

Technology

37719 readers
76 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Token2 is a cybersecurity company specialized in the area of multifactor authentication. Founded by a team of researchers from the University of Geneva with years of experience in the field of strong security and multifactor authentication. Token2 has invented, designed and developed various hardware and software solutions for user-friendly and secure authentication. Token2 is headquartered in Geneva, Switzerland.

Don't believe what AI tells you, as they tend to generalise around past statements. Token2 is a good example of how newer challengers to the incumbents, like YubiKey, bring lots of innovation. For example, Token2 has the ability to store up to 300 passkeys, dual port USB-A and USB-C on a single device, FIDO2.1 with additional PIN, opens-source, etc.

I also like the fact the device's firmware and management is in Switzerland and not within one of the Five Eyes countries.

There are quite a few options, but their FIDO2 Keys page also has a selection wizard to help out.

Whilst prices may be cheaper, depending on your country, shipping may cost a bit more.

UPDATE: Token2 sent this clarification after posting: only the management software is open-source for the time being. The firmware (Java applet) is planned to be made available as open source for public security audit purposes, but the timeline is not yet clear.

See https://www.token2.ch/

#technology #security #Token2 #authentication

top 7 comments
sorted by: hot top controversial new old
[–] [email protected] 2 points 5 months ago

Found them when I was looking for a fido key, and was really happy sonce it allowed me to get a handfull of them (mostly usb mini) Their service is also quite good

Only sad thing is, that the duo (with usb-a and usb-c) is quite big, so i usually just carry the usb-a & nfc with me. Works for everthing except my mbp

[–] [email protected] 3 points 5 months ago* (last edited 5 months ago) (1 children)

Too bad they don't do OpenPGP like Yubikeys do. I still need that even more (much more!) than Fido2. Sites are so slow adopting Fido2.

I don't use it for email but I use it for SSH and my password manager ("pass"). And yes I know SSH can use Fido2 natively as well but there's many embedded SSH daemons that don't support that yet.

Luckily Yubico is still around but I'm betting on them going down the drain (subscription models etc) soon because they were taken over by a venture capital firm :(

[–] [email protected] 2 points 5 months ago

Good point on OpenPGP. I suppose I already do my mails with OpenPGP in Proton Mail (using my own key that is already uploaded). But something to keep in mind yes.

[–] [email protected] 4 points 5 months ago (1 children)

I don't see a good way to put it on a keychain; the only hole looks tiny, and right on an edge where it's likely to snap after a year or so of wear.

[–] [email protected] 1 points 5 months ago

Seems it fits on a lanyard string from what I see of the other photos. A keyring is thicker and would put twisting force on it, yes. So, seems the lanyard type connector may be better for long term use.

[–] [email protected] 11 points 5 months ago

They actually have the dual USB-A and USB-C key product that is inexplicably missing from the main security key vendors! While I'm not going to replace my perfectly good keys, I was so pissed off when I bought mine and the obvious product was missing from Yubico's offerings.

[–] [email protected] 7 points 5 months ago

Dual PIN is a great idea; I’d also love an emergency PIN that invalidates the token silently (so you can enter it under duress).