看到 Virtual-FIDO 。這個專案的目標是 : Virtual FIDO is a virtual USB device that implements the FIDO2/U2F protocol (like a YubiKey) to support 2FA and WebAuthN.
Features
- Support for both Windows and Linux through USB/IP (Mac support coming later)
- Connect using both U2F and FIDO2 protocols for both normal 2FA and WebAuthN
- Store credentials in an encrypted format with a passphrase
- Store credential data anywhere (example provided: a local file)
- Generic approval mechanism for credential creation and login (example provided: terminal-based)
這個專案利用 USB/IP Server 連接 USB ,模擬 USB/CTAP protocols 來提供 U2F/FIDO2 服務 看起來打算用 encrypted file(因為要跨 OS) 來保護機密 (是一個缺點) 看 Issues 是有針對這一點與 export credentials 的方便性做討論
硬體保護 + 插拔 + 按壓應該還是目前安全得多