FEITIAN MultiPass K16 USB Security Key - FIDO U2F - Two Factor Authenticator with Multiple Interfaces - USB-A, NFC, Bluetooth - Help Prevent Account Takeovers with Multi-Factor Authentication

Background: FIDO is an international alliance of companies who support two-factor authentication (2FA), using a proven-secure method of generating a public/private key pair for each website that supports FIDO authentication. This means, once you have set up 2FA on that site, using a FIDO security key or token, that FIDO device will be required to log into the site, along with your typical username and password. Each website gets its own, unique cryptographic key pair, so nobody can use information from one website to log into a different website.Google was one of the early developers and supporters of this initiative. Originally, Google supported FIDO keys for their "two step verification" sign-on, with backup authentication methods also enabled (such as a printed list of one-time PIN numbers, or a text to a smartphone). This method is still available. Recently, Google added a second, more secure option, the "Advanced Protection Program". Under this program, the *only* way you (or someone else) can log into your Google account is by using a FIDO key or token. This requires at least two keys, so that, if you lose or destroy one of the keys, you still have another. Without the key(s), you'd have to request a workaround from Google, which is only granted after several days and some user verification steps.This Feitian FIDO key is unique (at least as of now), in that it supports the traditional USB attachment, which emulates a standard USB keyboard (a "Human Interface Device" or HID), and it also includes both NFC (for Android devices with a NFC tag reader) and Bluetooth Low Energy (BLE) for Apple and other devices.Aside from the three-method attachment, this key performs exactly the same function as other FIDO keys, such as the YubiKey family of FIDO products.There have been a couple of reviews complaining about the packaging, wondering if it was secure. First: even if somebody got their hands on your key, there is absolutely nothing they can do with it to access your websites or personal information. The keys are useless until paired with each company's website. There is nothing to hack, nothing that can be altered, and no risk. Second: this is a very new product, and perhaps the initial shipping/packaging materials were temporarily sub-par. The unit I received today was nicely packaged, as would be a typical Amazon "Frustration Free" product. It came in a small brown cardboard box, with a paper tamper evident seal, and a slide-out sleeve. The package includes the key (in a cut-out custom foam surround, a short USB A to micro USB cable, and a pairing guide.Setting it up was trivially easy, and both the Bluetooth pairing and FIDO pairing worked on the first try. I can't comment on the ruggedness of the key, since I just got it, but personally, I wouldn't put it directly on a key ring with keys, in a pocket, as this would probably beat up the device over time. Attaching it to a key ring by using a second ring to extend it out from the keys and allow more twisting motion would probably help, However, if you want a nearly indestructible key, get a YubiKey.

I just bought a new phone, google requested that i authenticate using a few ways. This is one of them. You may need to switch between bluetooth and authentication. It's easily charged. Authentication is simple. The pairing code is at the back of the small device. It simply works. You need to get used to have a 2FA whenever you need to sign in your account from a different device. Takes time to get used to it.

I like this for Win7, Android Nougat 7 and Ubuntu 17.04. With the computers it's like all the other FIDO keys in that it only seems to work in Chrome web browser and not Firefox. I did read these work on Opera too but I never tried it. Windows picked it right up from Chrome browser but Ubuntu took a bit of tweaking. This is what I did from a terminal:sudo -E susudo echo 'KERNEL=="hidraw*", SUBSYSTEM=="hidraw", MODE="0664", GROUP="plugdev"' > /etc/udev/rules.d/70-u2f.rulesThen open up Chromium Web Browser to a google sign in page and it works. It may take 2 tries. I'm not sure if I'm holding the Feitian button too long but sometimes it wants to retry and then picks it up.Now with the Android N 7 phone-it's a Moto 4G and I had paired it already with Bluetooth and that was fine. Getting it to look for a key was tricky and I'm not sure why it started to ask me for a key. I had read u need to have the Google Authenticator and Chrome apps installed which I have. First do all this in a computer and set up your key there. Then on the phone, use the Chrome app and login to a google page. It will ask for your bluetooth FIDO key and then press the button when prompted. I held it in 5 seconds until the Bluetooth lit on the FIDO. Maybe I held it too long again because it failed and wanted to retry but the 2nd time it found it right away.So, I'm happy with this. Finally a U2F key that connects to my phone that doesn't have NFC. I'll for that on my next phone and hopefully this feature on the Feitian works too but it's good for the USB and Bluetooth using the computers and phone that I have.This fits nicely next to my dog tags on a chain. Very light weight and thin too so it easily goes under your shirt! I took a picture which is posted here.EDITSomething I just noticed a week later when I used a micro USB cable at work is that even for data transfer this key needs a heavy duty cable unlike other keys. The one they provide works fine but for a second cable, this works:Micro USB cable,Coeuspow Durable Silicone USB Charge Data Sync Cable for Samsung Galaxy S6/5 Note HTC Nokia Motorola Lg Google Nexus, Android Smartphone and Tablet-2*Pack 6 Inch (15 cm)I like this key-it has been pretty reliable once I got the permissions right in Linux and used a heavy duty cable in Windows. My phone always get it over Bluetooth. I started Google's Advanced Protection (GAP) plan where my Google account can ONLY be accessed with my password and 1 of my 4 FIDO keys-this being 1 of them.