Fortect Key [2021] May 2026
<script> // 1. Get the challenge from your server (Base64URL encoded) async function startLogin() const resp = await fetch('/webauthn/login-challenge'); const challenge, allowCredentials = await resp.json();
// 4. Send the signed assertion back to the server for verification const data = id: assertion.id, rawId: btoa(String.fromCharCode(...new Uint8Array(assertion.rawId))), response: authenticatorData: btoa(String.fromCharCode(...new Uint8Array(assertion.response.authenticatorData))), clientDataJSON: btoa(String.fromCharCode(...new Uint8Array(assertion.response.clientDataJSON))), signature: btoa(String.fromCharCode(...new Uint8Array(assertion.response.signature))), userHandle: assertion.response.userHandle ? btoa(String.fromCharCode(...new Uint8Array(assertion.response.userHandle))) : null , type: assertion.type ;
// 2. Convert to Uint8Array objects const publicKey = challenge: Uint8Array.from(atob(challenge), c => c.charCodeAt(0)), allowCredentials: allowCredentials.map(cred => ( type: 'public-key', id: Uint8Array.from(atob(cred.id), c => c.charCodeAt(0)), transports: cred.transports )) ; fortect key
</script>
Simply de‑provision the user in your IdP; the key is automatically revoked in the console, rendering it unusable. <script> // 1
All Fortect Key models meet an IP67 rating—safe from accidental spills and dust.
Absolutely. The Management Console lets you enable multi‑factor policies that require both a TOTP and the hardware key for high‑risk actions. btoa(String
<button onclick="startLogin()">Log in with Fortect Key</button> The code works with any FIDO2‑compatible token—including Fortect Key—without any vendor‑specific libraries. | Practice | Recommended Action | |----------|---------------------| | Device Inventory | Keep a real‑time list of all issued Fortect Keys in the Management Console. | | Policy Enforcement | Require biometric unlock for privileged accounts. | | Lost Device Procedure | Revoke the compromised key instantly from the console; issue a replacement. | | Firmware Updates | Enable automatic secure‑boot firmware checks (Fortect Key pushes updates over the air). | | Physical Security | Store unused keys in a tamper‑evident container. | | Audit Logging | Enable detailed logging of authentication attempts for SOC‑2 and ISO‑27001 compliance. | 9. Pricing & Availability | Tier | Devices Included | Management Console | Support | |------|------------------|--------------------|---------| | Starter | Up to 25 keys | Basic portal (user‑level) | Email support (24 h) | | Professional | 26 – 250 keys | Advanced portal + API access | Phone & email (8 h) | | Enterprise | 251 + keys | Unlimited keys, SSO integration, custom RBAC | 24/7 dedicated account manager |