Solo Is the World’s First Open Source FIDO2 Hardware Key for 2FA
Virtually every computer security expert will tell you the same thing: you should be using two-factor authentication (2FA) to log into websites and services. That’s because even the best passwords can be compromised through phishing or if any service you use has a data breach — it only takes one website mishandling your password. Multi-factor authentication adds an extra layer of protection, and Solo is the first open source hardware security key to utilize the new FIDO2 standard.
Two-factor authentication is exactly what it sounds like: to long into a service, you have to verify you’re the account owner in two separate ways. The first is almost always by entering your password, and the second, currently, is usually with a temporary code sent to you via SMS. That provides a lot more security, but it’s still not perfect. Solo is a physical USB or NFC hardware security key that replaces that second verification or adds another layer, and is a lot more secure.
When you log into Google on a new device, for instance, you enter your password, plug in Solo, and push the button to login. If you’re using an Android device with NFC, you can just tap Solo against your phone. Solo stores a unique passkey in a secure chip, so you need physical access to it to log in. While we won’t say that Solo in uncrackable — everyone in security knows that using such a term is folly — it is very secure. Black hat hackers, for the most part, are looking for easy opportunities like weak passwords. If they even could crack Solo, it’s unlikely that they would in most instances.
Solo is on Kickstarter until October 28th, and has already exceeded its goal many times over. One USB-only Solo costs $14, and the NFC-enabled Solo Tap costs $29. Solo rewards are expected to ship in December, and Solo Tap rewards ship in February.