Every 2 weeks, Conor Gilsenan hosts a conversation with creators, researchers, founders, and advocates who are working to improve the usability of security and privacy technologies. Guests share what they are currently working on, how they got to where they are today, who they are trying to help, and what keeps them motivated to overcome challenges along the way. The goal is for the rest of us to learn from their experiences and go on to promote usable security and privacy within our own projects and organizations.
https://allthingsauth.com/podcast
episode 1: #001 - Open-source Hardware Security Keys with Conor Patrick of SoloKeys
Conor explains what security keys are and why they provide a stronger level of security than other methods of 2FA. He shares the story about how he created and sold his first open-source security key on Amazon while he was an undergraduate studying Computer Engineering and how that project evolved into a wildly successful Kickstarter project that launched SoloKeys the company.
Towards the end of the conversation, Conor shares his thoughts on the recent trend of using phones as security keys and highlights Somu, the next exciting product that he and his team are working on right now.
Social media & website
- SoloKey’s Twitter: @SoloKeysSec
- SoloKeys website
- Conor Patrick’s Twitter: @_conorpp
Resources mentioned in episode
- Phishing resistance two factor authentication (2FA) comes from implementing the FIDO2: WebAuthn & CTAP specifications.
- U2F Zero security key
- In his blog post, Designing and Producing 2FA tokens to Sell on Amazon, Conor explains how he created and sold an open source security key named U2F Zero while an undergrad in university.
- You can access the hardware designs and software in the GitHub repo conorpp/u2f-zero.
- You can build your own U2F Zero by following the instructions in the Build a U2F Token wiki page.
- SoloKey security key
- SoloKeys, the company, launched after raising $125,000 in a hugely successful Kickstarter project.
- In his blog post, Designing Solo, a new U2F/FIDO2 Token, Conor explains
- The hardware and software for SoloKey’s open source hardware security key, Solo, is available in the GitHub repo solokeys/solo.
- Google Security Blog: Now generally available: Android phone’s built-in security key
- NitroKey security key
- NitroKey, a commercial provider of security keys, based their open source U2F security key on Conor’s U2F Zero project. You can access the Nitrokey firmware and hardware in the GitHub repo Nitrokey/nitrokey-fido-u2f-firmware.
- NitroKey is also building security keys based on SoloKey’s current design as well.
- Somu: A tiny FIDO2 security key for two-factor authentication and passwordless login
Canonical URL: https://allthingsauth.com/podcast/001-conor-patrick-of-solokeys