Conor Patrick (@_conorpp), co-founder of SoloKeys, shares the story of raising $125,000 on Kickstarter to build Solo, an open-source hardware security key for two factor authentication (2FA).
Towards the end of the conversation, Conor shares his thoughts on the recent trend of using phones as security keys and highlights Somu, the next exciting product that he and his team are working on right now.
Social media & website
- Phishing resistance two factor authentication (2FA) comes from implementing the FIDO2: WebAuthn & CTAP specifications.
- U2F Zero security key
- In his blog post, Designing and Producing 2FA tokens to Sell on Amazon, Conor explains how he created and sold an open source security key named U2F Zero while an undergrad in university.
- You can access the hardware designs and software in the GitHub repo conorpp/u2f-zero.
- You can build your own U2F Zero by following the instructions in the Build a U2F Token wiki page.
- SoloKey security key
- Google Security Blog: Now generally available: Android phone’s built-in security key
- NitroKey security key
- NitroKey, a commercial provider of security keys, based their open source U2F security key on Conor’s U2F Zero project. You can access the Nitrokey firmware and hardware in the GitHub repo Nitrokey/nitrokey-fido-u2f-firmware.
- NitroKey is also building security keys based on SoloKey’s current design as well.
- Somu: A tiny FIDO2 security key for two-factor authentication and passwordless login
Canonical URL: https://allthingsauth.com/podcast/001-conor-patrick-of-solokeys
What is The All Things Auth Podcast?
Every 2 weeks, Conor Gilsenan hosts a conversation with creators, researchers, founders, and advocates who are working to improve the usability of security and privacy technologies.
Guests share what they are currently working on, how they got to where they are today, who they are trying to help, and what keeps them motivated to overcome challenges along the way.
The goal is for the rest of us to learn from their experiences and go on to promote usable security and privacy within our own projects and organizations.