FIDO2.1 Security Key Management Tool
version 1.1
1. Overview:
The FIDO2.1 Security Key Management Tool is a utility designed to manage and interact with FIDO2.1 security keys.
It provides functionalities to view information, manage relying parties, and perform various operations on
connected FIDO2.1 devices.
2. Main Window:
Devices Dropdown:
- Displays a list of connected FIDO2.1 devices.
- Select a device from the dropdown to view information and manage settings.
Device Info Element:
- Displays information about the selected FIDO2.1 device.
- Shows the passkey storage information, such as total storage capacity available on the device, used and free passkey slots, etc.
- Includes details such as manufacturer, model, AAGUID, and version.
Show Passkeys:
- Opens a new window displaying information about relying parties associated with the selected device.
- Disabled if no device is selected or if the selected device has no passkeys stored.
Reset Button:
- Resets the selected FIDO2.1 device to its default state.
- Resetting a FIDO2.1 key is only possible within 10 seconds after plugging in, so you may need to replug the key when resetting.
- Requires confirmation and pressing/touching the button before execution.
Change PIN Button:
- Opens a new window to change the PIN for the selected device.
Set PIN Button:
- Opens a new window to set the PIN for the selected device.
- Enabled only if the selected key does not have a PIN set.
Refresh Button:
- Updates the list of connected FIDO2.1 devices in the dropdown (i.e. picks up devices plugged in after the app was launched).
3. Passkeys Window:
- Displays a list of passkeys stored with the selected FIDO2.1 device.
- To remove a passkey, select its row in the list and click Delete.
- Requires confirmation before execution.
Note: This tool interacts only with FIDO2.1 security keys. Ensure the device connected is a FIDO2.1 key before
using the application.
4. FAQ:
Q: Is this for Token2 devices only?
A: No. As a member of the FIDO Alliance, we try to make our tools usable with any device compliant with the current standards. This tool can be used with any FIDO2.1 security key, not only ours.
Q: My Google Titan v2 is not working with your tool.
A: Google Titan v2 is a FIDO2.0 device. FIDO2.0 does not allow passkey management. Our tool supports only the FIDO2.1 standard.
Q: Is this Token2's original software? Why was this created?
A: This is simply a GUI wrapper around a libfido2-based command-line utility. The need arose from the fact that there is currently no standalone FIDO2.1 passkey management tool available for Windows. Our customers were not comfortable using command-line tools or Chromium-based management methods; this tool addresses these needs.
Q: I do not have the PIN for the key, can I still use it?
A: You can perform a factory reset using the provided batch file factory_reset.bat. However, please note that this operation removes not only the PIN code but also all account information (passkeys).
Q: Can I manage my FIDO2.1 keys via NFC using this tool?
A: Yes, this is possible starting from version 1.1 of this tool. Please note that NFC functionality was tested only using NFC Reader devices provided by Token2.
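Added example (not part of this tool and not Token2's code): a sketch of how the button states in section 2 and the FIDO2.0 limitation from the FAQ can be derived from the fields a key reports in CTAP2 authenticatorGetInfo. The function name management_actions, the sample dictionaries, and the choice to treat the credentialMgmtPreview option as management-capable are assumptions made for illustration.

```python
# Added example: decide which management actions apply to a key based on
# CTAP2 authenticatorGetInfo fields. All sample data here is constructed.

def management_actions(info, stored_passkeys=None):
    """info: dict with 'versions' (list of str) and 'options' (dict of bool),
    mirroring authenticatorGetInfo. stored_passkeys: number of discoverable
    credentials reported by credential management, or None if unknown."""
    versions = set(info.get("versions", []))
    options = info.get("options", {})

    # CTAP 2.1 keys advertise credential management with "credMgmt";
    # FIDO_2_1_PRE keys advertise "credentialMgmtPreview" instead.
    # Accepting both is an assumption of this example.
    cred_mgmt = bool(options.get("credMgmt")
                     or options.get("credentialMgmtPreview"))

    # clientPin is tri-state: absent = no PIN support,
    # False = supported but no PIN set, True = PIN already set.
    client_pin = options.get("clientPin")

    return {
        "is_fido2": any(v.startswith("FIDO_2_") for v in versions),
        "passkey_management": cred_mgmt,
        # Listing passkeys only makes sense when at least one is stored.
        "show_passkeys": cred_mgmt and bool(stored_passkeys),
        "set_pin": client_pin is False,
        "change_pin": client_pin is True,
    }

# Constructed getInfo results for two hypothetical keys.
FIDO20_KEY = {"versions": ["U2F_V2", "FIDO_2_0"],
              "options": {"rk": True, "up": True, "clientPin": True}}
FIDO21_NEW_KEY = {"versions": ["U2F_V2", "FIDO_2_0", "FIDO_2_1"],
                  "options": {"rk": True, "up": True,
                              "clientPin": False, "credMgmt": True}}

if __name__ == "__main__":
    for name, info, count in [("FIDO2.0 key", FIDO20_KEY, None),
                              ("new FIDO2.1 key", FIDO21_NEW_KEY, 0)]:
        print(name, management_actions(info, count))
```

The FIDO2.0 sample reports no credential management option, so passkey listing stays unavailable even though the key has a PIN set.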
Version history
- 1.2 (22-04-2024): PIN Code characters related fixes.
- 1.1 (13-04-2024): NFC Transport support.
- 1.0 (05-02-2024): Initial version.