Skip to content

Fido2 Key for Secure Logins

With the Pico Fido you will have a personal secure Passkey to identify to any Fido2 portal.
  • Use Pico Fido as your PASSKEY
  • Avoid using old-fashioned login/password systems
  • Store infinite web credentials in a single device
Features

CTAP 2.2 / CTAP 1.2

ECC curves: SECP, Brainpool and Koblitz

WebAuthn

U2F

HMAC-Secret extension

minPinLength extension

CredProtect extension

CredBlob and LargeBlob extensions (2048 bytes max)

User presence enforcement through physical button

Config vendor support for button management

User verification with PIN support

Discoverable/resident credentials

Credential management

Enterprise and self attestations

ECDSA and EDDSA authentication

secp256r1, secp384r1, secp521r1, secp256k1 and ed25519 curves

App registration and login

Device selection

OTP and OATH support

Backup with 24 words

Secure lock to protect the device from flash dumps

Permissions support (MC, GA, CM, ACFG, LBW)

Authenticator configuration

TOTP / HOTP

Challenge-response generation

Emulated keyboard interface

Button press generates an OTP that is directly typed

Secure Boot and Secure Lock in RP2350 and ESP32-S3 MCUs

One Time Programming to store the master key that encrypts all resident keys and seeds

Rescue interface to allow recovery of the device if it becomes unresponsive or undetectable

LED customization with Pico Commissioner.

Open source: hardware and software

For an open audit by all the community. Hosted at Github.
It runs on any Raspberry Pico board or ESP32-S3.
What is Pico Keys?

Pico Keys is a set of firmwares ready to run on any Raspberry Pico or ESP32-S3 microcontroller.. Each firmware (Pico HSM, Pico Fido and Pico OpenPGP) follows separate standardized specifications with different purposes but with a single common premise: having a personal key device.

How to run the firmware?

Just download the firmware for your board and load it. It will convert your Pico device into a personal key. Just plug it in your USB and it will be identified by your OS automatically.

Which firmware do I need?

If you need to generate and store dozens of keys, then go for Pico HSM. If you are looking for a personal Passkey (Fido2) for secure logging, then go for Pico Fido. If you need to interface with PGP keys for secure e-mail, then go for Pico OpenPGP.

Do you provide the hardware?

No. You can acquire multiple boards mounting a RP2040, RP2350 or ESP32-S3 chip from different vendors. Our firmwares are ready to run on any board.

Which hardware is recommended?

For boards using either the RP2350 or ESP32-S3 chips, both are recommended. The RP2350 stands out with a larger One-Time Programming (OTP) region, providing additional space for storing secure keys and configurations, and is likely to offer greater support for future updates. However, the RP2040 is not advisable for applications requiring hardware security, as it lacks built-in security features essential for robust protection.

Start making your keys more secure

Never is too late to start to keep your keys safer. It is time to start

START TODAY

Download

Getting started

About me

This is another project, as many I started.

Copyright