Prototype USB password token
hw usb





USBPass is a small device for storing passwords. Simply plug it in to any PC or device which supports USB HID keyboard, and use the 3 buttons to replay any of the 20 passwords stored in its memory. A cross-platform desktop application allows the user to store passwords (write-only) and reconfigure the functionality of each of the buttons. Originally I had intended on having the device type out the description of each password until the correct one is selected, but this proved to be too buggy and kind of obnoxious to work with. After realizing how awkward this technique is, I implemented short vs long press events for each button. With this in place, you can assign up to 6 passwords to the 3 buttons. This brings us to one of the primary design goals: Be as cheap as possible. If you build it yourself, you can build 3 for just under $20. Compared to the Yubikey, which costs $25, you can have 3 USBPasses on your keychain with 6 passwords each. 18 passwords for $20 vs 2 for $25. ;-) Of course, the Yubikey is sold at markup to cover development and server costs.


Rev A

Rev A issues

Rev A of anything is rarely without it's faults. ;-)

Rev B thoughts

Rev B needs only a few tweaks to clean up the design: The most important changes are improvements to the USB connection and the position of the buttons.



The firmware for the USBPass is based around LUFA, specifically the HID keyboard demo. Once I got the demo working on my hardware, I added HID report functionality to transfer little bits of data from a desktop application. From here, developing the functionality for the buttons and recalling passwords went very quickly as I spent most of the time waiting for the hardware prototyping with a Qt desktop application.


The desktop software is primarily designed as a library, allowing me to write separate console and GUI interfaces, and makes cross-platform a bit easier to manage. Currently the GUI is barely functional, but the console app supports just about every feature developed so far. To simplify accessing the USB device I made use of HID API, which made it very easy to find the device and send reports.


Wed, 15 Jan 2014: Starting rev B in earnest

First off, I started a public Trello board to track my thoughts and status. This new build will definitely break away from the idea of keeping the BOM to an absolute minimum, but I still want to maintain the idea of keeping the device size to a minimum. Towards that end, I'm adding an OLED display, 3FF smart-card slot, and am still looking for a small flash/eeprom storage chip. As an alternative to "external" storage, I might bump up the Atmel (or switch to TI) to get more storage space. Not so sure on that latter bit, as I'm more concerned about PCB dimensions than storage size.

Sun, 29 Dec 2013: Towards rev B

Recently I've started thinking about designing a second revision (or more likely an alternate device). For this new version, I'd like to incorporate a small display so the user can see the name of the password directly on the device. To see if this is even feasible (0.91" is VERY small...) I wrote up an OLED display simulation (complete down to the display controller ;-).

Edit: Upon urging from Mathieu I've done a given QtLedTest it's own project page and full write-up.