I’ve had the Apex Flex for a few months now and it’s neat. I’ve successfully setup a FIDO key for 2FA logins and could only get them to work with Facebook and Google, which is cool. I’m interested in going passwordless, is that only with FIDO2, if so, do you configure it the same way as I did with 2FA on these sites? I understand that FIDO2 is still in Beta on the flex, but I wanna start playing around.
Also, I saw that you can use your Vivokey to authenticate to log into the forum here within browser, but it flashes red when I scan my Apex. Does this not work with that specific implant and only on the old Spark Vivokey?
Thanks! This is my first post here and I look forward to all the awesomeness
It sounds like you are all over this.
Im sure you read the following
Vivokey offers two FIDO Security deployment
options to enable your VivoKey Apex implant or
vearable as a FIDO2 or FIDO U2F authenticatior
token. Our FIDO2 app is still in BETA and should
not be used for anything but testing purposes
Installation of a FIDO app and the VivoKey
attestation certificate will take a considerable
amount of time.
But if you havent seen these, they might be of interest to you
First one has some good info
(Ignore the fact that it says FlexSecure, Its basically the same chip as the ApexFlex, but untethered.)
And especially this one as you seem interested in testing and capable of doing so
Mine is setup for my Spark, I have not tried with my Apex
There is some development/revamp in the Spark area, I dont have the full details, but I BELIEVE The Sparks will benefit from the Apex and be more functional, but it will be limited, as there are limitations with the Spark chip itself, but I GUESS the Apex will get some backward compatibility also.
Of course, I could just be talking through a hole in my arse, so basically, if you cant get it to work just now, I would suggest you wait and see what comes of tge Spark revamp…
When it comes to Fido and passwordless authentication, it can get a little confusing.
First there was U2F or universal two factor. It allowed a security token to be used along with a password to authenticate.
Next came fido2 which enabled passwordless authentication, but can also support U2F fall back if that feature is implemented in the security key. Our application for Apex supports fallback.
Many sites that have implemented Fido still only support U2F for two factor. Some supported fido2 properly, but only very few.
Then came passkeys, and the implementation of them has started a race to completely own your identity by the big tech firms. What was designed to give you autonomous security is being corraled. Besides a confusing change of terms (fido2 vs passkeys) and complicated support for security keys vs phone based passkey authentication, there is evidence that companies that want your passkey stored on their platform are actually purposely making it much more difficult to use a traditional security key for fido2.
Case in point, if you want to register a security key for your Google account, it is now hidden under other options. Passkey is now being heavily promoted over token solutions.
The FIDO2 applets includes all the old U2F functionality and supersedes the U2F applet. It is backwards-compatible to services using the U2F standard. I recommend going with the FIDO2 applet, this gives you the maximum compatibility.
Awesome! I went ahead and upgraded to FIDO2, but I was out of room so I had to delete a few things. When I did I noticed there wasn’t an option to reinstall the BIP32 Wallet. I don’t use it, but it’s just strange that it’s no longer an option. Any ideas what might be going on? It’s not a big deal, I’m more curious.
It appears that Fidesmo is going through some unexpected issues with their platform which is blocking deployment of some applets. They have been made aware and they are working on it.
So I started playing with my implant since the swelling went down and it’s not hurting. I was testing out the applets installs again and still can’t install fido2…it at least tries now but still failes saying not enough space even when nothing is installed. Since on iPhone and don’t have apex manager app yet I started playing with the yubikey Authenticator which works great for otp codes. Any other substitute apps that I can play with for now? I also have a flipper can that be used to write to these in anyway?
How many FIDO2 residential keys can Apex Flex hold? Is the number different for FlexSecure? Can the RKs just fill the available storage or is there some kind of per-applet allocation going on?
With the push towards passkeys these implants are looking more and more interesting to me.