mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2025-10-24 16:22:10 +00:00
Compare commits
1 Commits
2024.10.28
...
jonaharago
Author | SHA1 | Date | |
---|---|---|---|
9a8b4f2ea3
|
@@ -33,7 +33,7 @@ Email providers which allow you to use standard access protocols like IMAP and S
|
||||
|
||||
### How Do I Protect My Private Keys?
|
||||
|
||||
A smartcard (such as a [YubiKey](https://support.yubico.com/hc/articles/360013790259-Using-Your-YubiKey-with-OpenPGP) or [Nitrokey](../multi-factor-authentication.md#nitrokey) works by receiving an encrypted email message from a device (phone, tablet, computer, etc.) running an email/webmail client. The message is then decrypted by the smartcard and the decrypted content is sent back to the device.
|
||||
A smartcard (such as a [YubiKey](https://support.yubico.com/hc/articles/360013790259-Using-Your-YubiKey-with-OpenPGP)) works by receiving an encrypted email message from a device (phone, tablet, computer, etc.) running an email/webmail client. The message is then decrypted by the smartcard and the decrypted content is sent back to the device.
|
||||
|
||||
It is advantageous for the decryption to occur on the smartcard to avoid possibly exposing your private key to a compromised device.
|
||||
|
||||
|
@@ -74,44 +74,6 @@ The firmware of YubiKey is not updatable. If you want features in newer firmware
|
||||
|
||||
</div>
|
||||
|
||||
## Nitrokey
|
||||
|
||||
<div class="admonition recommendation" markdown>
|
||||
|
||||
<figure markdown="span">
|
||||
{ width="300" }
|
||||
</figure>
|
||||
|
||||
**Nitrokey** has a security key capable of [FIDO2 and WebAuthn](basics/multi-factor-authentication.md#fido-fast-identity-online) called the **Nitrokey FIDO2**. For PGP support, you need to purchase one of their other keys such as the **Nitrokey Start**, **Nitrokey Pro 2** or the **Nitrokey Storage 2**.
|
||||
|
||||
[:octicons-home-16: Homepage](https://nitrokey.com){ .md-button .md-button--primary }
|
||||
[:octicons-eye-16:](https://nitrokey.com/data-privacy-policy){ .card-link title="Privacy Policy" }
|
||||
[:octicons-info-16:](https://docs.nitrokey.com){ .card-link title=Documentation}
|
||||
|
||||
</details>
|
||||
|
||||
</div>
|
||||
|
||||
The [comparison table](https://nitrokey.com/#comparison) shows the features and how the Nitrokey models compare. The **Nitrokey 3** listed will have a combined feature set.
|
||||
|
||||
Nitrokey models can be configured using the [Nitrokey app](https://nitrokey.com/download).
|
||||
|
||||
For the models which support HOTP and TOTP, there are 3 slots for HOTP and 15 for TOTP. Some Nitrokeys can act as a password manager. They can store 16 different credentials and encrypt them using the same password as the OpenPGP interface.
|
||||
|
||||
<div class="admonition warning" markdown>
|
||||
<p class="admonition-title">Warning</p>
|
||||
|
||||
While Nitrokeys do not release the HOTP/TOTP secrets to the device they are plugged into, the HOTP and TOTP storage is **not** encrypted and is vulnerable to physical attacks. If you are looking to store HOTP or TOTP secrets, we highly recommend that you use a YubiKey instead.
|
||||
|
||||
</div>
|
||||
|
||||
<div class="admonition warning" markdown>
|
||||
<p class="admonition-title">Warning</p>
|
||||
|
||||
Resetting the OpenPGP interface on a Nitrokey will also make the password database [inaccessible](https://docs.nitrokey.com/pro/linux/factory-reset).
|
||||
|
||||
</div>
|
||||
|
||||
## Criteria
|
||||
|
||||
**Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
|
||||
|
@@ -431,7 +431,6 @@ For encrypting your operating system drive, we typically recommend using whichev
|
||||
|
||||
- { .twemoji loading=lazy } [Yubico Security Key](security-keys.md#yubico-security-key)
|
||||
- { .twemoji loading=lazy } [YubiKey](security-keys.md#yubikey)
|
||||
- { .twemoji loading=lazy } [Nitrokey](security-keys.md#nitrokey)
|
||||
|
||||
</div>
|
||||
|
||||
|
@@ -1 +0,0 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 124 140"><g fill="#D0013B" fill-rule="nonzero"><path d="m72.37 84.938-28.68 16.6a4.1 4.1 0 0 1-5.58-1.5l-15.34-26.57a4.09 4.09 0 0 1 1.5-5.53L53 51.338l19.37 33.6ZM57.48 54.188 72 79.368l28.75-16.61-14.51-25.17-28.76 16.6Zm14.36-3a1 1 0 0 1 .35-1.34l2.81-1.66a1 1 0 0 1 1.34.35l2.41 4.14a1 1 0 0 1-.36 1.34l-2.84 1.65a1 1 0 0 1-1.34-.35l-2.41-4.14.04.01Zm14.22 15.93-2.84 1.66a1 1 0 0 1-1.34-.35l-2.41-4.14a1 1 0 0 1 .35-1.34l2.85-1.65a1 1 0 0 1 1.34.35l2.4 4.13a1 1 0 0 1-.35 1.34Z"/><path d="M61.66 139.798c-1.528 0-3.041-.292-4.46-.86-37.79-15.12-53.52-50.44-56.29-57.37a12.392 12.392 0 0 1-.91-4.71v-43.49a12.4 12.4 0 0 1 7.5-11.43l49.5-21a12 12 0 0 1 9.3 0l49.51 21a12.361 12.361 0 0 1 7.52 11.48v43.44a12.75 12.75 0 0 1-.91 4.69c-2.78 7-18.51 42.27-56.3 57.39-1.418.568-2.932.86-4.46.86Zm0-128.77a1 1 0 0 0-.37.08L11.8 32.018a1.472 1.472 0 0 0-.8 1.35v43.49c0 .198.036.395.11.58 2.49 6.25 16.55 37.83 50.18 51.29a1 1 0 0 0 .75 0c33.62-13.46 47.68-45 50.16-51.24.08-.201.125-.414.13-.63v-43.49a1.44 1.44 0 0 0-.78-1.34L62 11.108a.903.903 0 0 0-.37-.08h.03Z"/></g></svg>
|
Before Width: | Height: | Size: 1.1 KiB |
Binary file not shown.
Before Width: | Height: | Size: 5.6 KiB |
Reference in New Issue
Block a user