LionKey Offers an Open Source Take on FIDO2-Compliant Two-Factor and Passwordless Authentication

Engineer and maker Aleksei Karavaev has designed a compact USB dongle specifically to host the LionKey firmware — turning it into a dual-USB port FIDO2 universal second-factor and passwordless security key for mobile and desktop use.

"I've always wanted a hardware security key. Passwordless login and anti-phishing protection are very tempting, and I'm sick and tired of solving CAPTCHAs and typing OTP [One-Time Password] codes," Karavaev explains of the project's inspiration. "The only problem was that I didn't really want to use a YubiKey because it's closed-source, and I prefer to own things I understand and can verify. (But man, they do have a cool shine-through PCB.) SoloKeys seems like a good option, but they don't have any dual-[USB] port solutions. Also, their latest versions use Rust firmware, and I don't know Rust. So, this cool gizmo was born!"

The LionKey is designed as a hardware host for the LionKey firmware, created by Martin Endler as part of his master's thesis. Karavaev's version places an STMicroelectronics STM32H533 — "which," the maker says by way of explaining the component choice, "has significantly more cryptography features than the STM32L432 used in SoloKey" — on a compact PCB that has USB Type-C connector at one end and an extended edge-connector for USB Type-A sockets at the other, allowing it to be used with both newer and older USB host devices including most smartphones and tablets.

"I've also added an RGB PCB shine-through LED," Karavaev notes, having been enamored of YubiKey's similarly shine-through design, "and some pins for experimenting with other peripherals."

The project is documented on Hackaday.io, while the original LionKey firmware is available on GitHub under the permissive MIT license.