Unlocking Your Android Device with a Hardware Passkey: A Guide to Using Digispark Attiny85

We’ve all been there — that moment when your phone is locked, and your brain can’t recall the PIN code. You’ve keyed it in countless times, but now your fingers hesitate. You rely on muscle memory, but even that’s letting you down. Moments like these remind us how easy it is to forget these essential security codes.

Luckily, an innovative solution to this issue is readily available, this solution isn’t your typical password reminder. It’s a hardware passkey — a compact circuit that, when connected to your phone or computer, inputs your PIN code automatically. This technological marvel is achievable with the affordable Digispark Attiny85 board, which you can typically secure for under 10 dollars.

In this article, I’ll guide you through the step-by-step process to create your own hardware passkey.

Digispark Attiny85 board

Requirements:

• Windows Computer
• Digispark Attiny85 board
• Android Phone
• Arduino Software

Setting up Arduino

• Download Arduino from the official website
• Navigate to File -> Preferences -> Settings -> Additional Boards Manager URLs.
• Add this URL to the list and save: https://raw.githubusercontent.com/digistump/arduino-boards-index/master/package_digistump_index.json

• Go to Tools -> Board -> Boards Manager…, search for “digistump”, and install “Digistump’s AVR Boards”.

• Windows 10 users may encounter a usbser driver installation failure. If that happens, you can download it directly from here: https://github.com/digistump/DigistumpArduino/releases/download/1.6.7/Digistump.Drivers.zip
  Extract the downloaded file and install the driver by running DPinst64.exe.
• In the Arduino interface, select Tools -> Board -> Digistump AVR Boards -> Digispark (Default 16.5 MHz)

The setup is done! now we are ready to code our sketch!!

Coding Payload

We have two pre-defined functions in our sketch: setup() and loop(). For this tutorial, let’s assume the PIN code is ‘1234’. Our code will look like this:

#include "DigiKeyboard.h"

void setup() {
  // Nothing to do in setup
}

void loop() {
  // This delay is to give the computer time to recognize the DigiSpark
  // after it's plugged in. 2000 milliseconds is 2 seconds.
  DigiKeyboard.delay(2000);

  // Now we'll send the keystrokes for your PIN
  DigiKeyboard.println("1234");

  // After typing the PIN, we'll do a long delay before we can type it again.Ci
  // This is to prevent the DigiSpark from endlessly typing your PIN if you leave it plugged in.
  DigiKeyboard.delay(60000);
}

Once you’ve entered the code, click on the “Verify” button to compile and check for any errors.

Uploading Payload

Uploading the Code to the Attiny85 Board:

• Click on the Upload button in the Arduino interface.

• When the prompt “Plug in the device now… (will timeout in 60 seconds)” appears, connect your Attiny85 board to the computer’s USB port.

• Wait for the done message “Micronucleus done. Thank you!”, then remove your board from the USB port.

Congratulations!! Your hardware passkey is ready to go.

Testing the Passkey:

On Windows, open Notepad, and plug in your passkey. It should automatically type in your PIN code.

Benefits of a Hardware Passkey Over Online PIN Storage or Password Managers:

1. Offline Storage: A hardware passkey is offline, reducing vulnerability to online hacks. Your PIN isn’t stored on an internet server, enhancing its security.
2. No Third-Party Trust: Unlike password manager applications, a hardware passkey requires no trust in a third-party entity to safeguard your data.
3. No Master Password: Password managers need a master password, which if forgotten, can cause a lockout. A hardware passkey auto-inputs your PIN, avoiding this issue.

Remember, no solution is perfect. A hardware passkey also carries potential security concerns, which will be detailed in the following section. Choose the best solution for your digital security needs and comfort level.

Potential Security Risks with the Hardware Passkey:

While the hardware passkey simplifies access to your device, it’s important to consider the associated security concerns:

1. Physical Security: If lost or stolen, the passkey could be used to gain unauthorized access to your device. Keep it secure.
2. Malware: If your programming device is compromised, malware could infect your passkey. Keep your devices protected with up-to-date antivirus software.
3. Hardcoded PIN: A skilled individual could extract your hardcoded PIN from the passkey. Handle it securely.

While convenient, it’s crucial to use the hardware passkey responsibly, considering these potential security risks.

Final Thoughts

The hardware passkey, powered by the economical Digispark Attiny85 board, provides an effective and offline solution to the common problem of forgotten PINs. It’s a user-friendly alternative to online storage or password manager apps, offering a unique blend of convenience and control.

However, while using this tool, it’s important to be aware of potential risks, such as physical security and malware threats. Even though it’s primarily a guide for creating a hardware passkey for Android, we can’t ignore the broader context of tech responsibility.

In essence, the hardware passkey symbolizes the potential of technology to simplify our lives. As we continue to explore these solutions, let’s do so with an eye for balancing convenience with safe usage.

Stay tuned to my tech journey by following me on Medium. And if you want to join forces and conquer the tech world together, let’s connect on LinkedIn!