Reviewed: AllinPass FIDO

The FIDO2 Swiss Army Knife

Raghul Chandrasekar
Apr 30 · 8 min read

AllinPass FIDO is another security key from FEITIAN that we are going to be looking at in this article.

The AllinPass FIDO’s form factor is different from most keys (which resemble a USB stick).

The reason it has this form factor is because it has a battery enclosed. Why? Because in addition to USB and NFC, it supports Bluetooth.

Not many security keys provide support for Bluetooth today. It is, however, one of the communication protocols supported by CTAP 2.0 for interfacing with the client (for example, a browser).

Source: Introduction to WebAuthn API by Ackermann Yuriy

Here’s what we will cover:

  • Some basics about the AllinPass FIDO

Before we begin, if you want to know where you can use this FIDO2 key in your daily life, visit this website. This article is only going to talk about how you can go about using this key.

The Basics

  • FIDO2 Certified

Setting Up & Managing AllinPass FIDO

Desktop

Before you can begin using, you need to set a PIN and a fingerprint. You can do this in two ways: using the Windows 10 interface or the BioPass FIDO2 Manager.

If you are not on Windows, you can download the BioPass FIDO2 Manager for other OS-es here.

I have already covered the steps to do this in my review of the BioPass FIDO2. You can check it out here.

When you are setting a PIN for the first time, after entering the PIN, the app does not let you know that it is waiting for you to tap on the device to complete the setup. But know that if the GREEN LED light blinks, you need to tap. While this step is mentioned in the user guide, it would have been better if the app guides the user with a dialogue box of some kind.

Mobile

AllinPass FIDO does not require any prior setup to use with mobile devices. You can register the key with just a tap (no PIN or fingerprint verification) to confirm user presence. As mentioned in my review of the iePass FIDO, this is because FIDO2 is still a work in progress when it comes to mobiles.

Using the AllinPass FIDO

Desktop

Once you have setup key, you can start using it either by connecting connecting via USB (requires a USB-C to USB-A or USB-C cable) or Bluetooth.

The UX via USB is the same as the UX with BioPass FIDO2 which I have covered here.

Let us look at the UX with BLE. Pairing it via BLE is the same as pairing any other device.

  • Go to Windows Settings -> Devices -> Bluetooth and other devices and turn on Bluetooth.

Once you pair, you can view the battery percentage in Windows settings:

After pairing, this is how the registration and authentication on a website looks:

  • Prompt to turn on BLE on AllinPass FIDO. You can turn it on by clicking on the button and it will pair with your desktop automatically.
  • You then need to provide your fingerprint
  • It checks with the device to see if the user verification was successful and obtains the signed message
  • If you do not give fingerprint within the timeout period, it falls back to PIN+Tap

Mobile

Once again, the UX with AllinPass FIDO when you connect it to your smartphone via USB is similar to the UX of iePass FIDO which you can check out here.

Apart from USB, AllinPass FIDO provides you two other mechanisms: NFC and BLE. Let us look at both of those.

FEITIAN recommends that you use BLE only with Android and not with iOS devices. I tried to make it work with my iPhone but in vain.

The process of pairing the the key via Bluetooth is the same as Desktop. Unlike Desktops, you cannot view the battery percentage of the key on smartphones.

The UX is a bit fussy when using BLE but let us see how it looks like from start to finish:

  • Turn on Bluetooth on your smartphone and on AllinPass FIDO
  • Turn on Location services for the duration of this process
  • Click Begin
  • Get into pairing mode — follow the instructions on screen
  • Even after you press and hold the button, the screen does not move forward. This is where there is a small glitch that you need to work around. In order to proceed to the next step, you need to switch to the Bluetooth Settings page on your Android device for a brief moment and then come back to this page. Only then do you move forward to the next step:

Note: This seems to be an issue with the client (browser/mobile OS) not with the authenticator.

  • You will be prompted to tap on the capacitive sensor on the key by the blinking GREEN LED

The process is similar with NFC except, there is no glitch that requires a workaround.

  • Begin the authentication/registration process on the website for your online account
  • You will be prompted to turn on NFC just for the duration of this authentication process. That’s really thoughtful of the devs. Saves you a lot of unnecessary hassle.
  • Hold your security key flat against the back of your phone (right where the NFC sensor of your phone is) until it vibrates

And voila.

Hardware

Size

Dimensions: 57 × 40 × 6 mm

It fits comfortably in your pocket along with your keychain but does occupy quite a bit of space.

Build

The casing is plastic but FEITIAN has done a great job at keeping the sturdy and solid feel that their other keys have. The key surface does not give in to any presses and the button is tactile and easy to recognize.

Fingerprint Reader

It has the same fingerprint reader as the BioPass FIDO2. Quick and reliable.

The sensor has been neatly accentuated with a silver outline which makes it easy to recognize.

You can store up to 50 fingerprints without worrying about someone reverse engineering the fingerprint from the secure element that stores your fingerprint. Your fingerprint never leaves the device.

Cable

The box does not include any cable. In case you are planning to use the key via the wired option, be prepared to purchase one that suits your needs.

Battery

The AllinPass FIDO has a 60 mAH battery. Since it connects via Bluetooth Low Energy (BLE), this should comfortably get you through an entire week without having to charge.

LED Indicator

There are a couple of LEDs here for different things.

Apart from the above, there is also an LED for the battery which is turns ORANGE if the battery is low (less than 20%).

Q&A

  1. Can I set a PIN/fingerprint for AllinPass FIDO via Bluetooth?

Yes, you can. However, you can only do it when you are setting up the key using Windows 10 interface and not via the BioPass FIDO2 manager.

Adding a Fingerprint to AllinPass FIDO via BLE

2. If I add my AllinPass FIDO to an online account via USB, can I login next time via BLE?

Yes.

3. If I add my AllinPass FIDO via USB on a desktop, can I login next time on my mobile device with NFC/BLE?

Yes.

4. Can I interface AllinPass FIDO via USB with my smartphone (iOS or Android)?

Yes. I have not tested this personally but FEITIAN confirmed that this is possible. But, once again, you will need to purchase the required cable.

Conclusion

Pros

  • Multiple interfacing options — BLE, NFC and USB

Cons

  • No cable provided in the box

I personally prefer USB for desktops and NFC for mobiles. BLE is a bit of a hassle — it requires charging, pairing prior to using etc. USB is also cumbersome — unlike BioPass FIDO or iePass FIDO, the AllinPass FIDO requires you to carry around a cable along with your key.

With AllinPass, you get optionality. You get the whole suite of options to pick from. Although there is some room for improvement, ‘FIDO2 Swiss Army Knife’ is a fitting description.

If you are worried about the price tag of $130 on this bad boy, you can use the code Raghul-20 to get 20% off on your purchase!

You can find user guides and support material for the AllinPass FIDO here.

Nerd For Tech

From Confusion to Clarification

Nerd For Tech

NFT is an Educational Media House. Our mission is to bring the invaluable knowledge and experiences of experts from all over the world to the novice. To know more about us, visit https://www.nerdfortech.org/.

Raghul Chandrasekar

Written by

Writer. Reader. Philomath. Optimist. Figuring out life one article at a time at bitsoveratoms.substack.com

Nerd For Tech

NFT is an Educational Media House. Our mission is to bring the invaluable knowledge and experiences of experts from all over the world to the novice. To know more about us, visit https://www.nerdfortech.org/.