06-29-2019 05:26 PM
How do you use th e built fingerprint reader for online logins. Can it be used like a yubi key? Is there sotware that needs to be downloaded? I don't want to use it for logining into Window 10
07-01-2019 07:21 AM
We Lenovo don't have any website password manager that uses fingerprint like you are asking for. There may be some 3rd-party applications that can do it, but I don't have any recommendation.
07-01-2019 09:01 AM
I am trying understand how to use the FIDO functionaitly. I saw something around Intel Online Connect for the older generation. Maybe the question is really how to use the FIDO capability.
Good thing it's drool-proof
Quickly log in with ease with Windows Hello using just the touch of your finger or the view of your face if you opt for the IR camera. What’s more, the fingerprint reader thwarts biometric hacking with anti-spoofing technology— the fingerprint image is saved inside the chip, so it’s not sent out for login authentication when you sign in. Your data is protected too, with the discrete Trusted Platform Module (dTPM), that encrypts your information. And if that’s not enough to make IT administrators love the new X1 Carbon, then the ThinkPad’s FIDO authentication capability is sure to have them drooling.
—or FIDO—enables hardened authentication that wraps your access info in three layers of security. FIDO authentication to protect your online credentials when you sign in to websites like Facebook or Google, or make payments via PayPal. This global solution creates better security for online services, reduces costs for organizations, and is simpler and safer for users
07-01-2019 09:46 AM
Intel Online Connect has been withdrawn by Intel. FIDO depends on the website to implement, as far as I know, there are very few websites that have done this. I would look into something like LastPass, but again, this is not Lenovo software and I can't help you with it.
07-02-2019 10:49 PM - edited 07-02-2019 10:52 PM
The website needs to support the new FIDO2 WebAuthn standard. Microsoft does it with O365 for example. The browser also needs to support the WebAuthn API. Then you can register the TPM of your X1C6 as a FIDO2 Authenticator, which will then create a service specific public/private key pair and store it on your TPM, encrypted/locked with your PW, PIN, fingerprint or whatever authenticator you use to unlock your OS/TPM.
I tested it on my X1Y3 and it works fine.
FIDO2 standard is in the "draft" stage. Once it's finalized (probably soon), it'll be broadly adopted pretty quickly I would say.