New: Nitrokey FIDO U2F

Now it's finally time to launch our brand-new Nitrokey FIDO U2F. After uncounted hours of hard work, we are very proud to present you our newest product. The Nitrokey FIDO U2F does two things for you: First, it protects your most precious accounts at home and at work. Second, it makes it easy as never before to use two-factor authentication.

You might think "Why do I need two-factor authentication?". It's simple. Passwords alone are no longer (or have never been) sufficient to secure your accounts and digital identities. Once your password has been guessed, hacked or stolen, you are screwed, so is your account. That is why you need a second factor to log in to your accounts. But app- and especially SMS-based two-factor authentication methods can be inconvenient and insecure. In case a criminal steals your Nitrokey FIDO U2F, the hardware cryptography of our device is robust enough to withstand even attacks using high-end laboratory devices.

With your Nitrokey FIDO U2F, after the initial configuration, you just need to touch the button on the device each time you are logging in to your various accounts. Easy, right? The major web browsers on the major operating systems are compatible with Nitrokey FIDO U2F out of the box: Chrome, Chromium, Firefox, Opera; on Windows, macOS, Linux, BSD. No driver or software installation is required.

And you need a compatible website, of course. More and more web services support two-factor authentication with FIDO U2F as well. Thanks to its compatibility with the FIDO Universal 2nd Factor (U2F) and WebAuthn standards, we are looking forward to expanding reach and uses cases for our Nitrokey FIDO U2F. You can look up if your preferred web services are already compatible at www.dongleauth.info

Finally, our Nitrokey FIDO U2F can be used for an unlimited amount of user accounts. It comes with an affordable price (€22) and the ease of mind of open hardware and open source software. Hence, you don't necessarily need to trust us, because you could verify its security yourself.

23.10.2019

Comments

Hi Nitrokey team, Quick question: Nitrokey Pro v.2 will not get U2F support, will it? Read in another comment by Jan that this would require a new HW release (aka Pro v.3). So if I want to have U2F support these days, the sole option is to purchase a NK Lite? Is there any HW release planned in the upcoming weeks (it is Xmas time and perfect time for a secure gift...). Thanks!
That's all correct except there is no NK Lite but Nitrokey FIDO U2F instead. We don't plan any other hardware release for this year.
For a moment I thought I had found the only trustable modern storage media in the world. I was wrong! How come the keys don't have physical write-protection switches? (for the firmware and mass storage). I also don't understand why they aren't USB 3.x (namely the storage keys). Oh well, going back to pen and paper.
Nitrokey Storage has write-protection mechanism which can be managed via software. We plan to add a physical button later, to let user confirm certain activities.
Why is this not being sold as part of the Nitrokey Pro 2 ? Is there a reason ?
Because we need time to integrate FIDO functionality to the other models. That is on the roadmap.
Hi. Is the Nitrokey FIDO U2F compatible with android smartphones? Over an otg adapter?
Good question. We didn't try it. The question is if FIDO U2F via USB is supported by Android. If this is the case, our device should work.
Please can you try it on phone?
I use Yubikey for U2F and it works with my Android 8 using a utg cable. As U2F is a standard I would assume that Nitrokey U2F should work too.
It doesn't. I used to get it working someway back in November, but after I reinstalled OS it didn't work on Gmail anymore with neither Chrome nor Firefox. The result on Android Oreo 8.1 was the same, however I haven't tried it for a few months now, so maybe they have fixed something in the implementation. All I know though is that it recently stopped working in the latest Google Chrome on desktop. The websites nowadays are heavily favoring Bluetooth-based authentication devices, so I fear that this dongle is already obsolete before it was launched. (And I also find it outrageous that most places you cannot overrule sms-based authentication with a key, as I find the GSM network entirely insecure and it should be avoided at all costs, so it is essentially the same as using a standard username/password combo into a keylogger, if an attacker is able to monitor your OTPs.)
Update: Nitrokey U2F works again in Chrome (tested with Gmail and Facebook)
Correction: It works on PC (June 2019) again. Haven't tested Android.
using the U2F with Gmail is hilarious, it works but i have to change my password every single time !
Well, either you want security, or you want GMail. What's the point of using GMail anyhow? They read your emails and give away your data to third parties. Consider getting an email account from disroot.org or something similar. (Just my 2 cents.)

Add new comment

Fill in the blank.