SoloKeys started as a Kickstarter campaign back in 2018, with the Solo and Solo Tap, and since then has garnered enough success to work on a Solo V2 model. Driven by the desire to have an open-source security key, the code for the device is made available, but to be clear, the Solo 1 Tap is locked down as would any other security key be.
The Solo 1 Tap is very similar in size and shape to it’s key-shaped counterparts, if just slightly thicker once you slide the silicon sleeve over it; the one I received came with a red and black sleeve. The USB-A model sports your typical exposed blade, and the device has a mechanical touch sensor on it, that falls under the S logo on the sleeve. Two LED status lights illuminate from underneath the silicon. The key has a quality construction feel to it, even though the silicon case could be potentially polarizing from a design perspective.
Available Features And Management
The Solo 1 Tap supports FIDO2 as well as FIDO U2F.
FIPS 140 Availability
SoloKeys does not produce a FIPS 140 variant of this key.
Enrollment And Usage
The most prominent hurdle is that this key is not Microsoft verified. While neither Microsoft nor SoloKeys claims that it is, using an unverified key requires disabling attestation in Azure AD. Understandably that was likely not a priority when first launching the product, but would love to see it go through the rounds with Microsoft so that there is easier integration. I’ll reach out to SoloKeys to see if that’s on their roadmap.
Aside from the need to disable attestation, I was able to enroll the key without problems, both using USB and NFC.
The key worked consistently with USB and NFC after enrollment without issue.
The key was factory reset without issue.