This is the second article from the series focused on the FIDO keys from couple manufacturers.
About Trustkey
According to official webpage
TrustKey Solutions strives to be the recognized leader in secure authentication solutions worldwide. We will lead the market for passwordless authentication by engineering innovative security solutions for use by all people, everywhere.
Additionally Trustkey (eWBM) is a member of Microsoft Intelligent Security Association and FIDO Aliance
Keys overview
In this article I’d like to share with you my thought after 2 weeks of using TrustKey Solutions, Inc. security keys:
| Model | T110 | T120 | G310H | G320H |
| Picture |  |  |  |  |
| Supported OS | Windows PC, Mac, Linux, Chromebook, Android. | Windows PC, Mac, Linux, Chromebook, Android. | Windows PC, Mac, Linux, Chromebook, Android. | Windows PC, Mac, Linux, Chromebook, Android. |
| Interface | USB-A | USB-C | USB-A, Biometric | USB-C, Biometric |
| Features | TOTP, HOTP | TOTP, HOTP | Windows Hello, TOTP, HOTP | Windows Hello, TOTP, HOTP |
| Security algorithm | SHA256, AES, HMAC, ECDH, ECDSA, | SHA256, AES, HMAC, ECDH, ECDSA, | SHA256, AES, HMAC, ECDH, ECDSA, | SHA256, AES, HMAC, ECDH, ECDSA, |
| Standard | FIDO2, U2F | FIDO2, U2F | FIDO2, U2F | FIDO2, U2F |
| Notes |
AAGuids
| Model | AAGuid |
| TrustKey T110 | da776f39-f6c8-4a89-b252-1d86137a46ba |
| TrustKey T120 | e3512a8a-62ae-11ea-bc55-0242ac130003 |
| TrustKey G310H | 95442b2e-f15e-4def-b270-efb106facb4e |
| TrustKey G320H | 87dbc5a1-4c94-4dc8-8a47-97d800fd1f3c |
Azure AD integration
All provided security keys are working properly with Azure AD. All keys with fingerprint sensors are also Windows Hello for Business certified.
LAB details
In order to do the tests for this article I have created dedicated user called trustkeytester in my lab.
In my lab, I have created a dedicated group called Passwordless which is used for FIDO2 Security Key authentication method.
PIN Key setup
In order to configure PIN it is required to download additional software from this link: https://www.trustkeysolutions.com/support/keymanager/
After the installation run TrustKey Key Manager.
First thing to configure is a PIN setup.
When we are ready with PIN next steps will be to ad dnew authentication method to test account (skipped).
Biometric Key Setup
To scan your fingerprint for biometric keys it is required to download additional software from this link: https://www.trustkeysolutions.com/support/BioManager/
After the installation run TrustKey BioManager.
At the very first step you have to set up PIN
On the new screen click Add Fingerprint and follow the instructions.
If you want you can add multiple fingerprints in case of losing / cutting one 🙂
Screen below depicted configuration for the TrustKeytester account authentication methods.
Outro
As you most probably noticed I have shown you how those keys could work with Azure AD and related services.
The final comparison between other manufacturers’ keys will be described in the last episode of the series.
Test devices were provided by TrustKey Solutions, Inc.
https://www.trustkeysolutions.com/
Comments are closed.