We are now in a World of Passwordless, the ability to access accounts, services and devices through Biometrics and Security Keys. To enhance security, to make things easier and, fundamentally, to allow us to purge our memories of passwords and ability of creation of new passwords. These Security Keys allow you to register them against accounts, services, devices, etc. and serve as a method of authentication.
This example on the right is accessing Outlook Web Access. You’ll get the usual username/password prompt, but below is other options including Security Key. So after selecting Security Key, you are prompted with these windows. Insert key, enter PIN for verification and straight into Outlook. No username, email address or password needed. Note. The same prompt will appear regardless of whether it’s Feitian or Yubico.
As a technical person, my philosophy is never rely on one method of access. Multiple methods of access, in a priority listing; Biometrics, security keys, passwords.
ok, now i’d like to break this article down, due to recent experiences. Both of my keys are configured for various accounts, services and devices. All work perfectly. Log in, touch the key, all is good. However, as these keys were configured sometime back and the PIN set. I can no longer remember the PIN. What i thought it was, it wasn’t and i now needed to wipe/reset the key and start again. Note. Hence why i mentioned the multiple methods of access.
The fix? Full Reset.
How? Software Needed.
Click on link, download, unzip and execute. Once installed successfully, execute application.
Search for Feitian or look for recently added applications, then double click to open.
You’ll be presented with this screen, insert your Feitian Security Key.
The app will detect the key, the icon will change to green and you’ll have a message in red to click on.
Navigate to Applications and then FIDO2 and click on Reset Device. It’ll ask you to remove and reinsert your Security Key in order to reset. Once done, re-navigate to FIDO2 and PIN Management and create a new PIN. Then exit app and navigate to your accounts, services and devices and configure them to accept your Security Key.
See this experience as your Q1 2022 cleansing. Clean out, refresh, delete if not needed. Similar to the cleansing out of social media accounts and contacts.
Same as before, click on link, download, unzip and execute. Once installed successfully, execute application.
Search for YubiKey or look for recently added applications, then double click to open. Note. It appears this needs to be run as Administrator. So you’ll need to right click and Run As Administrator.
Insert your key, validate if needed.
Once successful, you’ll see your key with any respective information.
Navigate to Applications and select FIDO2 from drop down list.
Same as before, Reset FIDO, remove/reinsert key for Reset and then navigate back to create a new PIN.
Just as an aside, depending on your age, you may remember this guy promoting a certain green can of beverage.
Lastly, you may query as to whether there is a real need for these keys. Are they being actively used with companies, or are they just a gimmick or back up solution. Honestly, it varies. I am seeing a lot of interested in Windows Hello and Biometrics. Ability to login without passwords essentially. However, before going down this route, you need to determine whether the device you intend to use is compatible. Does it have the correct camera, does it have the correct Windows version? From a company level, if not compatible, then is the plan to invest in new devices that are compatible or purchase accessories that will. Either way, then maybe the method forward would be to validate that what you have works, use keys for the ones that don’t with a view that when the upgrade occurs, they’ll have the correct device. Of course, this assumes they only use one device.
If I take myself as the example, at home I am fully compatible, in office with an accessory that makes me compatible, if on the road then not. But in all 3 locations, the key will always work.