I don’t know yet where to put this - but here is my question: would it be possible to have as an option in the shop/marketplace to buy a dedicated Yubico Yubikey 5C nano as a module that supports security options of the machine? Would be Yubico interested in such cooperation?
I’ve been setting up the Yubico 5C NFCs I bought recently today, I was just thinking the exact same thing.
Especially on the FW16 as it has a ridiculous amount of IO (I’ve specced out a very overkill peripheral setup and still have 3 slots unaccounted for) it would be no harm at all to spend a slot on hardware auth.
Sure you could just plug a 5C nano into a type C card, but it would protrude from the chassis and risk getting damaged/broken. Having it integrated into the card with the contact plate being the full side of the card would be so much better imo.
Even if the card is literally just the housing, an off-the-shelf 5C, and a conductive metal strip (I just tested - I can activate my 5C NFC through a keyring) attached to the nano. The cost of it would probably be a bit more than a 5C nano, but it would be worth it for the huge reduction in damage risk.
ETA: open question about a secondary key for backup - it would be somewhat cumbersome to remove it and insert the backup key, but it’s also seems tricky do do so with a 5C nano. 5c nano owners feel free to correct me but I would guess having a 5C nano as an “always plugged in” option with a backup 5 NFC/5C/5C NFC is common? Personally I’ve opted for 2x5C NFC as a main & backup.
It wouldn’t be hard to have a 3d printable plastic Expansion Card with an added metal channel to move from the Auth button to the end of the Expansion Card.
You could also use something like a SoloKeys2 (already has button on end) or Titan.
A big part of wanting it as a first-party or at least officially created product is to have the fit and finish match the other expansion modules and the rest of the chassis. It’s part of why I personally dislike the ethernet card, the clear plastic is cool and all but it stands out, and not in a feature piece way.
There’s a request for expansion card blanks which could make this possible to DIY, but for something as common (and increasingly more common) as hardware keys I think it makes sense to have as a released product.
As mentioned, it can be built from existing production components making the R&D cost negligible and the manufacturing cost easily absorbable. Possibly just use the type-A/audio card housings so the single new part is a metal plate of the required size - or if the housing is conductive enough just electrically couple the Yubikey to it needing 0 new parts, just a wire.
Obviously there are space limitations that could make it simply unfeasible, but an absolute dream version of this might be an expansion card with 3 USB ports: An internal USB-A one for that one pesky dongle we all have, a slightly sunk-in USB-C port with “under-laptop” access for things like a Yubikey (or if space allows, maybe a slightly sunk-in USB-A port to work with the Yubikey 5 nano, since that puts the touch sensitive spot on the side of the laptop rather than the bottom), and a regular USB-C port for standard usage (even if it has some limitations, I’d happily give up some of the benefits of our ports if I can have a dongle a Yubikey in the same module).