diff --git a/README.md b/README.md index d6cd650..2b50b19 100644 --- a/README.md +++ b/README.md @@ -1,22 +1,23 @@ -passkey type your credentials for you. +passkey types your credentials upon button press. purpose ======= -This USB dongle will help you out if you have to enter your credentials frequently. +This USB dongle will help out if you have to enter your credentials frequently. Temporarily store the credential on it, and press a button for passkey to enter it for you. usage ===== - passkey will appear as USB serial port and keyboard -- connect to it using a serial terminal (baud rate it not important) +- connect to it using a serial terminal (baud rate is not important) - enter the credentials you often have to input - press on one button for passkey to input the username and password -- press on the other button for passkey to input password +- press on the other button for passkey to input password -The credentials are saved in RAM and will clear as soon a power is removed. +The credentials are saved in RAM and will clear as soon as power is removed. You can also clear the credentials by pressing on both buttons. +And they will be cleared when it gets re-enumerated, e.g. when the hub it is in gets reconnected. The passkey will blink until credentials are saved. Configuration available in the terminal: @@ -25,3 +26,10 @@ Configuration available in the terminal: - the keyboard layout used - global timeout to clear the credentials - last usage timeout to clear the credentials +- manufacturer device authentication using challenge response (with unique per device key) +- user device authentication using challenge response (with user provided key) + +The device is protected against firmware read-out, re-flashing, and debug. +This should prevent against installing malicious firmware to steal credentials. +The challenge response allows authenticating the device. +It relies on the micro-controller security though (not rated for security applications), and if this can be circumvented, all is lost.