From 7462e5d59aa8bd287ac478f66bd7a784b75744e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?King=20K=C3=A9vin?= Date: Thu, 28 Mar 2024 05:58:46 +0100 Subject: [PATCH] doc: fix typos and add re-enumeration --- README.md | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index d6cd650..2b50b19 100644 --- a/README.md +++ b/README.md @@ -1,22 +1,23 @@ -passkey type your credentials for you. +passkey types your credentials upon button press. purpose ======= -This USB dongle will help you out if you have to enter your credentials frequently. +This USB dongle will help out if you have to enter your credentials frequently. Temporarily store the credential on it, and press a button for passkey to enter it for you. usage ===== - passkey will appear as USB serial port and keyboard -- connect to it using a serial terminal (baud rate it not important) +- connect to it using a serial terminal (baud rate is not important) - enter the credentials you often have to input - press on one button for passkey to input the username and password -- press on the other button for passkey to input password +- press on the other button for passkey to input password -The credentials are saved in RAM and will clear as soon a power is removed. +The credentials are saved in RAM and will clear as soon as power is removed. You can also clear the credentials by pressing on both buttons. +And they will be cleared when it gets re-enumerated, e.g. when the hub it is in gets reconnected. The passkey will blink until credentials are saved. Configuration available in the terminal: @@ -25,3 +26,10 @@ Configuration available in the terminal: - the keyboard layout used - global timeout to clear the credentials - last usage timeout to clear the credentials +- manufacturer device authentication using challenge response (with unique per device key) +- user device authentication using challenge response (with user provided key) + +The device is protected against firmware read-out, re-flashing, and debug. +This should prevent against installing malicious firmware to steal credentials. +The challenge response allows authenticating the device. +It relies on the micro-controller security though (not rated for security applications), and if this can be circumvented, all is lost.