New: Nitrokey Passkey for Passwordless Login, Two-Factor Authentication

The new Nitrokey Passkey is now available in our online store. It reliably protects your accounts against phishing and password theft. The Nitrokey Passkey allows super simple and secure passwordless login and two-factor authentication (2FA) using the modern WebAuthn or FIDO2 standard. This standard is supported by more and more websites and aims to replace traditional passwords. The device has a practical USB-A mini format and therefore fits on any key ring.

The Nitrokey Passkey is the successor to the Nitrokey FIDO2 and is based on our modern Nitrokey 3, which was developed from scratch in Rust. It is designed for people and organizations who need an inexpensive security key for secure login but do not need the wide range of functions of the Nitrokey 3 (encryption, OpenPGP, passwords, OTP, PIV, Secure Element).

Trustworthy thanks to open source; quality made in Germany.

In larger quantities, the Nitrokey Passkey is also available with One-Time Passwords (OTP) instead of FIDO2.

Buy Nitrokey Passkey

22.3.2024

Comments

Submitted by Anonymous on 22. March 2024 - 17:14
Most sites (I have seen) introducing "passkey" use it as a synonym for "login without username" and not "login without password". However, I was not able to find any information about the capacity of this new product.
Submitted by meissner on 22. March 2024 - 23:29
This is essentially the successor to the Nitrokey FIDO2. Updated with our latest Trussed Framework based on Rust. As mentioned in the text this is a device, which allows FIDO2-based authentication. So this Nitrokey will work with any website/service which offer U2F/FIDO2 and the latest marketing term (mainly pitched by the global players) is "Passkeys". Technically it will mostly be "passwordless", you always need to tell the service/website who you are, e.g. giving a username/login/e-mail - this is also by definition important, because you could also have two different passkeys for a single service by using two different usernames and both can be kept on such a Nitrokey Passkey.
Submitted by Anonymous on 23. March 2024 - 9:14
From my point of view "this will be mostly passwordless" is not accurate. GitHub and Google for example introduced login without username, not passwordless. The FIDO2 key supported 50 resident keys. How many will the new device support? .
Submitted by frustbox on 23. March 2024 - 14:36
Somewhere buried in the technical details in a PDF they say that it's "Login without username for up to 50 accounts (FIDO2)" Which I hope is the residential keys. That's better than the 25 that yubikey supports.
Submitted by Anonymous on 2. April 2024 - 16:32
There is no pdf available for the new product on the web site. Where did you find these technical details?
Submitted by Fred Eisele on 22. March 2024 - 21:48
It is not clear to me what happens if I were to loose the Nitrokey Passkey.
Submitted by meissner on 22. March 2024 - 23:34
There are various ways how to handle this. Usually we suggest to have more than one device registered with the service/website. So worst-case you can still use the other device to log in. Many services also offer different other methods to handle such a situation: recovery codes, phone-based 2-factor, "forgot my password"-mechanisms or TOTPs. Please check which are supported for your service and make sure you have at least one additional option (I personally prefer two more).
Submitted by Preiger on 23. March 2024 - 15:01
Warum nur USB A? Wäre USB C nicht praktischer, weil der Nitrokey dann auch mit Smartphones genutzt werden könnte?
Submitted by meissner on 2. April 2024 - 12:48
Ja wir schauen uns USB C an, leider gibt es noch keinen genauen Fahrplan wann es eine USB-C Variante geben wird, aber diese ist in Arbeit.
Submitted by F-Meissner on 15. April 2024 - 16:23
Habe gerade den „Nitrokey Passkey“ von heise geliefert bekommen in einem hübschen Tütchen mit Aufschrift „ Getting started - Erste Schritte: www.nitrokey.com/start“. Dort ist der Nitrokey Passkey leider nicht zu finden. Pech gehabt! Ein Anruf bei „heise“ war ebenfalls efolglos. Ich solle doch bitte eine E-Mail an „heise“ schreiben. Dann könne eventuell ein Experte aus der Technik weiterhelfen. Mir scheint das Projekt „Nitrokey“ hinsichtlich Kundenunterstützung und Marketing noch sehr verbesserungsfähig um der - an sich - beeindruckenden Idee des Passkeys zum Durchbruch zu verhelfen..
Submitted by meissner on 16. April 2024 - 11:17
hey, mittlerweile sollte eine erste Seite in der Dokumentation zum Passkey vorhanden sein, bitte schau doch nochmala: https://docs.nitrokey.com/
Submitted by schmid on 19. April 2024 - 11:19
Hallo, wieviele "passkeys" resp. keypairs kann der Nitro Passkey speichern ? Die Produkteübersicht unter https://www.nitrokey.com/products/nitrokeys schweigt sich über solche Details aus.
Submitted by meissner on 22. April 2024 - 13:07
In der ganz aktuellen Firmware (Apr. 2024) sind diese auf 10 Passkeys beschränkt. Es ist aber wesentlich mehr Speicherplatz verfügbar und wir werden bald in Richtung 100 anbieten. Wichtig wäre an dieser Stelle auch noch zu erwähnen, dass wir hier über "Discoverable Credentials" sprechen, viele Dienste bieten auch non-discoverable Passkeys (FIDO2) an, von diesen kann man unendlich(!) viele speichern.

Add new comment

Fill in the blank.