FIDO2 U2F Security Key Passkey Two-Factor Authentication (2FA) USB Key PIN+Touch (Non-Biometric) USB-A Type TrustKey T110

Very Good

Sin duda alguna para quienes necesitamos mantener nuestras cuentas seguras esto es indispensable, la 1ra barrera de defensa siempre somos nostros como usuarios que debemos tener cuidado con los correos sospechosos, pero este tipo de llaves FIDO2 nos dan una tranquilidad extra de que no perderemos nuestras cuentas y en mi caso mi canal de youtube estara mas seguro al tenerla, OJO es importante tener 2 de ellas en caso de que se extravié o dañe la principal, el respaldo te ayudara a seguir entrando en tu cuenta mientras consigues una nueva

UPDATE; 12/11/2021 - I HAD TO HIRE A COMPUTER SPECIALIST TO GET IT WORKING. THIS PRODUCT DOES NOT WORK WITH MY COMPUTER, OR THE SPECIFIC APP IT WAS PURCHASED FOR. TECH SUPPORT WAS RENDERED BY A SALESMAN, NOT A TECH SUPPORT SPECIALIST. ALTHOUGH THE SALESMAN " TRIED ", HE DID NOT SOLVE THE PROBLEM.

Great fit easy to setup

DO NOT USE THIS DEVICE IF YOU NEED HOTP OR TOTP, IT HAS A FATAL SECURITY FLAW!! So, first, the good. -The unit works fine for FIDO2. -It is made in Korea, not a non TAA country. -Windows 10 and 11 can set the pin and factory reset the unit with no additional software. -It works out of the box on Debian 11.6.0, and probably any linux with a proper version of OpenSSH -It supports 'Resident Keys' or 'Discoverable Credentials' -Chrome based browsers on Linux manage the token's basics fine. You can see all 'Resident Keys' or 'Discoverable Credentials' as well as change or set a PIN and reset the token. The bad: -The unit only supports edcsa, it does NOT support ed25519/ed25519-sk. This is not recommended or acceptable for certain, ultra high security scenarios and for some applications MIGHT be considered unacceptable Though scenarios where this is a concern will probably buy a US or European made token at 10x the price... -TOTP is TECHNICALLY supported... if you use their app. On windows only. Not unexpected, since the unit has no battery or RTC. Having to use their App is an absolute deal breaker, as will be indicated below. -HOTP is TECHNICALLY supported... but must be setup with their app first, then you can short press the unit to trigger a HOTP slot as a keyboard/HID device. Having to use their App is an absolute deal breaker, as will be indicated below. -Their App does NOT support 'Resident Keys' or 'Discoverable Credentials.' It has no idea they are on there at all! This is a critical feature. Having to use their App is an absolute deal breaker, as will be indicated below. The absolute dealbreaker: Their app is NOT signed. This is incredibly inexcusable for a company even remotely pretending to be a security device provider. It is mind-bogglingly STUPID at best, and a catastrophic security flaw if you need to use their app. There is no way of knowing if their application has been modified or not, or if it is even a genuine version distributed by the maker. It will pop up a warning on windows every time, as it should, and will not let it run unless you change settings. You should not let the app run until the OEM posts the sha1/sha256/md5 checksum and signs the executable with an approved certificate. Getting a code signing certificate is TRIVIAL and CHEAP. 850 dollars for 10 years. Inexcusable... Update: It's actual incompetence at this point. They've signed the INSTALLER, but have not signed their app.

This is a low price alternative to the most famous security key (passkey), but with all the needed bells and whistles. Simple, does the job as required. Inexpensive, so you have no excuses to deploy real 2FA for your small business or family devices.

Hoy dia es totalmente necesario esto, la gente deberia comprar al menos 1 para evitar problemas en internet, es muy facil de usar, solo conectar y ya

It’s working ok, but I got to use for logging in with finger, and it’s not doing that it’s work for 2 Step verification, but doesn’t seem to be using the finger print, from my understanding. Any finger can be used but need the device to be plug in, like the code via SMS or app, w/o using and enter code, tho!