Security News > 2020 > February > Google launches open-source security key project, OpenSK
Interested in using hardware security keys to log into online services more securely? Well, now you can make your own from scratch, thanks to an open-source project that Google announced last week.
Google has released an open-source implementation called OpenSK. It's a piece of firmware that you can install on a USB dongle of your own, turning it into a usable FIDO or U2F key.
As an open-source project, there are some caveats that make this more of a research project than an official alternative to manufactured security keys for board hackers.
While Google tested the firmware against CTAP 2.0, which is a protocol that's part of FIDO2 that enables digital keys to work with a browser, the FIDO Alliance hasn't certified OpenSK, which means it can't call the project FIDO Certified.
CrowdSupply successfully crowdfunded Somu, a tiny open-source security key that supported FIDO2.
News URL
https://nakedsecurity.sophos.com/2020/02/03/google-launches-open-source-security-key-project-opensk/
Related news
- Google Chrome's AI-powered security feature rolls out to everyone (source)
- Orbit: Open-source Nuclei security scanning and automation platform (source)
- Misconfig Mapper: Open-source tool to uncover security misconfigurations (source)
- OSPS Baseline: Practical security best practices for open source software projects (source)
- Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities (source)
- Hetty: Open-source HTTP toolkit for security research (source)
- Why The Modern Google Workspace Needs Unified Security (source)
- Google paid $12 million in bug bounties last year to security researchers (source)
- NetBird: Open-source network security (source)
- IntelMQ: Open-source tool for collecting and processing security feeds (source)