This is the first article from the series focused on the FIDO keys from couple manufacturers.

In last months I was asked multiple times about ‘the best’ aka ‘the most secured’ models of the FIDO2 keys.

Those questions moved me to prepare tests of the multiple types of the security keys.

About Feitian

According to official webpage

FEITIAN provides strong authentication solutions to fit the needs that cover financial, healthcare, government, enterprise, payment, and more. Backed with a strong and experienced R&D team, FEITIAN is able to quickly react to the industry trends and market requests, with easy integration at a competitive cost.

Additionally Feitian is a member of Microsoft Intelligent Security Association and FIDO Aliance

Keys overview

In this article I’d like to share with you my thought after 2 weeks of using FEITIAN Technologies Co., Ltd. security keys:

ModelePass FIDO NFC Security Key K9BioPass FIDO Security Key K27AllinPass FIDO-UC Security Key K33
Supported OSWindows, MacOS, Chrome OS, AndroidWindows, MacOS, Chrome OS, AndroidWindows, MacOS, Chrome OS, Android
InterfaceUSB-A, NFCUSB-A , NFC, BiometricUSB-C , NFC, BLE, Biometric
Optional apppletHOTP, TOTP, PIV (on demand)PIV (on demand)
Security algorithmSHA256 with ECDSA on P-256, SHA-1ECDSA, SHA256, AES, HMAC, ECDECDSA, SHA256, AES, HMAC, ECDH
NotesABS chassis,
Water resistant
Metal chassisABS + Metal chassis, Battery
Keys overview


ePass FIDO NFC Security Key K9ee041bce-25e5-4cdb-8f86-897fd6418464
BioPass FIDO Security Key K2777010bd7-212a-4fc9-b236-d2ca5e9d4084
AllinPass FIDO-UC Security Key K3312ded745-4bed-47d4-abaa-e713f51d6393

Azure AD integration

As you may already know I’m focused on the Azure AD security at my work, that is why I have decided to check how those keys will work after integration with Azure AD and accessing resources like – Teams, Exchange Online, SharePoint Online, Azure Portal and integration with Windows Hello for Business where possible.

LAB details

In order to do the tests for this article I have created dedicated user called feitiantester in my lab.

In my lab, I have created a dedicated group called Passwordless which is used for FIDO2 Security Key authentication method.

To configure Authentication Methods please open the following URL:

Because one of the provided keys was not working I have decided to configure block restriction for its AAGUID

FIDO2 Security Key Authentication Method configuration


After one week from test I have received new sample of the K27 key. That means there will be no block AAGUIDS within the environment.

As you may discovered I’m allowing self-service set up so all Passwordless group members will be able to enroll keys on their own.

To configure authentication method from end user perspective we need to use the following URL:

PIN Key setup

Below are the screens from the ePass FIDO NFC Security Key K9 configuration

As you can see for the standard key we are required only to setup PIN and we are ready to go

Biometric Key Setup

To scan your fingerprint for biometric keys it is required to download additional software from this link:
After the installation run BioPass FIDO2 Manager.

At the very first step you have to click Add Fingerprint, and then you will be asked to Set up PIN

BioPass FIDO2 Manager

If you want you can check if your finger print was scanned successfully using Test Fingerprint option

So when you have set up PIN and Biometric you can add a new key for the Authentication method as we did previously.

Bluetooth Key Setup

One of the provided keys have Bluetooth as an alternative way of communication with computer.

To setup it you have to press small button on the key for at least 5 seconds until Bluetooth icon will light blue.

Then you can follow standard Bluetooth parring procedure on your system

After pairing you can try to login to the Azure Portal using security key working in the Bluetooth mode.


As you most probably noticed I have shown you how those keys could work with Azure AD and related services.
The final comparison between other manufacturers’ keys will be described in the last episode of the series.

Test devices were provided by the FEITIAN Technologies Co., Ltd.

Comments are closed.