Getting Started¶
The Nitrokey FIDO2 supports two-factor authentication (2FA) and passwordless authentication:
With passwordless authentication, entering a password is replaced by logging in with the Nitrokey FIDO2 and a PIN.
With two-factor authentication (2FA), the Nitrokey FIDO2 is checked in addition to the password.
The Nitrokey FIDO2 can be used with any current browser.
Important
The Nitrokey App can not be used for the Nitrokey FIDO2.
Tip
Check online if your Nitrokey FIDO2 has the latest firmware installed.
Passwordless Authentication¶
Open a web page that supports FIDO2 (for example Google).
Log in to the website and go to “Passkeys and security keys” in the security settings of your account.
Click on Create passkey.
Click on Use a different device.
Follow the prompts to set a PIN for your Nitrokey FIDO2.
Touch the button of your Nitrokey FIDO2 when prompted.
Once you have successfully configured the device, you will need to activate your Nitrokey FIDO2 this way each time you log in, after entering your PIN.
Two-Factor Authentication (2FA)¶
Open one of the websites that support FIDO U2F.
Log in to the website and enable two-factor authentication in your account settings. (In most cases you will find a link to the documentation of the supported web service at dongleauth.com)
Register your Nitrokey FIDO2 in the account settings by touching the button to activate the Nitrokey FIDO2. After you have successfully configured the device, you must activate the Nitrokey FIDO2 this way each time you log in.
You are now ready to go.
Troubleshooting (Linux)¶
If the Nitrokey is not detected, proceed the following:
Copy this file 41-nitrokey.rules to
/etc/udev/rules.d/
. In very rare cases, the system will need the older version of this file.Restart udev via
sudo service udev restart
orudevadm control --reload-rules && udevadm trigger
if you are using Fedora.