Solo, the First Open Source FIDO2 Security Key, Is Back with a More Robust, Rust-Powered Upgrade

Conor Patrick and colleagues are back on Kickstarter, this time to crowdfund a second-generation Rust-powered version of the open source Solo security key — called, unsurprisingly enough, Solo V2.

Patrick's original Solo design launched on Kickstarter two years ago as the first open source security key to implement the at-the-time-new FIDO2 universal second factor (U2F) security standard. Now, Patrick's back with Solo V2 — and promises some convincing reasons to upgrade.

"Solo V2 is a complete redesign of our original FIDO2 security key," Patrick claims. The hardware is more physically robust. NFC performance is increased and uses a brand new microcontroller by NXP with enhanced security features. The firmware has been rewritten in Rust to be more modular/reusable by the community and to reduce the attack surface. Our goal with Solo V2 is to harden physical security of the device itself while providing all the protections that come with 2FA or passwordless login."

In operation, the Solo V2 is identical to the original: The key is used for second-factor or passwordless login on sites and services supporting the FIDO2, U2F, and WebAuthN standards. When requested, the key is inserted into an available USB port — or placed near an NFC reader — and a button pushed to initiate the authentication process.

As well as the new Rust-based firmware and more robust hardware the Solo V2 offers a reversible USB Type-A connector or optional USB Type-C connector, touch pads for actuation in place of a physical button, a tenfold boost in NFC performance, and in-the-field firmware upgrade functionality.

The campaign is now live on Kickstarter, with physical rewards starting at $29 for a single Solo V2.