Review on Feitian EPass NFC FIDO Security by Marcus Zimmerly
Inexpensive and most secure NFC enabled U2F dongle
This FIDO U2F security dongle works on all U2F enabled websites (including Google, Facebook and Bitbucket) and browsers (Chrome, Firefox and Brave) I've tried, although I've heard stories about sites that only work with certain key brands (philosophical error on pages of these sites, IMO). This is NOT a FIDO2 key, so it's only useful as a second factor (where your password is usually the first factor). In my experience I sometimes had to press the 'button' multiple times when using this via a USB OTG cable to my tablet. Whether this was due to issues with this device, my tablet, the OS, my apps, or the OTG cable, I'm not sure. Same goes for the key lock on my phone for NFC mode. In all cases, however, it ultimately worked. If websites tell you that your browser is not supported, search the web for instructions on how to enable U2F in your browser (Firefox in particular requires a special about:config option to be enabled for some websites). If you are wondering why U2F is better than other options, such as B. Codes sent via SMS or generated by authenticator apps, the main reason is better security. Aside from being vulnerable in other ways (e.g., stolen TOTP secrets, phone carrier social engineering, stolen SIM cards), these other methods won't protect you from a well-organized phishing attack - a phisher who Force them to choose your password A fake website can easily ask you for an SMS/authentication code and use it and your password to access your account. Some websites use risk-mitigating measures, e.g. B. adding an IP-based location to a text message or warning about new/suspicious logins, but U2F offers a much better protection: if you are on fakebank.com, the U2F key adds this information to the reply that it produces and legitimate Bank.com will not accept it. This device also includes some other "smart card" features, but I found these to be of limited use and not well documented. For example, it's somehow possible to store RSA public/private key pairs here for use with a computer, but I haven't been able to get this to do anything useful (using opensc on Linux). Feitian has several tools that allow you to choose a PIN for this feature and use it to automatically enter some forms of OTPs, but I didn't find this feature necessary/useful and don't use it.
- Secured with NXP semiconductors
- No automatic
New products
Comments (0)
Top products in 💾 USB Flash Drives
Titan Gray Samsung BAR Plus 256GB USB 3.1 Flash Drive (MUF-256BE4/AM) with Up to 400MB/s Transfer Speed
69 Review
32GB SanDisk USB Flash Drive (SDCZ430-032G-A46)
78 Review
Sandisk Ultra Flair 128 GB Silver USB Flash Drive: Reliable and High-Speed Storage
65 Review
Kingston DataTraveler SE9 32GB USB 2.0 Flash Drive for Reliable Data Storage (DTSE9H/32GBZ)
69 Review
Another interesting products
💽 2TB My Passport Ultra USB 3.0 Type-C External Hard Drive for Mac (Silver) + Case by WD
3 Review
💽 2TB My Passport for Mac USB 3.0 External Hard Drive (Midnight Blue) with Protective Case (Navy Blue)
5 Review
💽 High-Capacity WD 5TB My Passport Ultra for Mac Silver Portable External Hard Drive with USB-C and USB 3.1 Compatibility
10 Review
💾 Buffalo MiniStation 2TB - USB 3.0 Portable Hard Drive: Reliable and High-Speed Storage Solution (HD-PCF2.0U3BD)
9 Review