Google open-sources the tools needed to make 2FA security keys

Rachel England
Contributing Writer
Google

Security keys are designed to make logging in to devices simpler and more secure, but not everyone has access to them, or the inclination to use them. Until now. Today, Google has launched an open source project that will help hobbyists and hardware vendors build their own security keys, and contribute to the technology's ongoing development.

The initiative, called OpenSK, uses Rust-based firmware to essentially turn Nordic chip dongles into a FIDO U2F and FIDO2-compliant security key. Google has also published a source code for users to 3D print a physical case for the dongle, so their security keys look and can be used like standard keys.

In a blog post, Google said it chose Nordic chip dongles because they're affordable and support all the criteria stipulated by FIDO2 standards, such as NFC and Bluetooth Low Energy. However, the company is hoping to expand OpenSK for other chips as well.

By making these resources available to everyone, Google is helping to advance the password-less security field -- people tinkering with their own projects gives rise to innovation, after all. Indeed, Google seems to be looking quite far ahead with OpenSK, noting in its blog post that "While you can make your own fully functional FIDO authenticator today ... this release should be considered as an experimental research project to be used for testing and research purposes." Kjetil Holstad, director of product management at Nordic, meanwhile, says he hopes the collaboration will "help the industry gain mainstream adoption of security keys."