Windows 10 has just released build 1903 and, with this, has been certified as FIDO compliant (as seen in this article). You can now use a Security Key with Windows Hello to unlock your PC; however, when I try to enroll my Nitrokey FIDO U2F, it just states ‘you cannot use this key, please try another one’. I have used this key to enroll in Google, so I know the key works.
I am confused as well. I think I have read in some past articles that an external FIDO2 device could unlock the Windows account, but it seems this decision was later changed. The article you have linked describes that:
a Microsoft account could be unlocked with the FIDO2 device as a 1FA (without login or password),
MS Windows 10 could work as a FIDO2 device by itself, using its Hello feature (which itself works based on an embedded hardware security chip, soldered to the motherboard of a laptop, tablet, etc.).
It is mentioned that FIDO2 could be used to log in, but as far as I know, this concerns only PCs in networks handled by MS Windows Server / Active Directory.
We reached out to Microsoft regarding the possibility of unlocking a Windows 10 local account using a FIDO2 device, but we have not received, nor found on the web, any deadline or plans for implementing such a feature. I spent some time trying to configure it too, without success. If you find any information on how to make it work, though, please let us know.
As for the Nitrokey FIDO U2F device, it might be possible to use it for unlocking an account on Windows with some (unfortunately paid) third-party software. I am not sure Microsoft has ever taken FIDO U2F into account; perhaps they went to FIDO2 directly.