The Password is Dead

Passwords can be either difficult to remember or too short to securely protect important accounts. Traditional password systems have not been able to keep up with the increasing number of accounts needed for various websites nowadays. Passwords should be unique and the same one should never be used for multiple accounts. This renders passwords insecure and impractical to use.

Nitrokey aims to replace passwords by utilising the following strong authentication procedures:

One Time Passwords (OTP)

One Time Passwords (OTP) are similar to TANs and are used as a secondary security measure in addition to ordinary passwords. OTPs protect against identity theft, which means that if your password is compromised your account is still secured by the Nitrokey. Using a small tray icon application, your Nitrokey generates OTPs which are required in order to log in to configured websites and applications. There is a growing list of websites which can be used with Nitrokey's OTPs. The supported protocol are HMAC-based One-time Password Algorithm (HOTP, RFC 4226) and Time-based One-time Password Algorithm (TOTP, RFC 6238), which are compatible with Google Authenticator.

FIDO Universal 2nd Factor (U2F)

FIDO Universal 2nd Factor (U2F) is very secure, super easy to use, and may become the successor to OTPs. FIDO U2F uses cryptographic challenges which are signed by the Nitrokey U2F device. Account-specific keys are used to prevent user tracking and to protect your privacy. U2F doesn't require an additional tray application because some web browsers already support Nitrokey U2F (Firefox, Google Chrome, Internet Explorer with plugin). U2F is a new standard and is so far only supported by a few websites, but its acceptance is increasing.

Client Certificate Authentication

You can use your Nitrokey to administrate your servers securely via SSH, to access your Virtual Private Network via OpenVPN or IPSec and to log in to some websites via HTTPS or OpenID.

Password Safe

In cases where an ordinary password is required, Nitrokey provides a password safe to store passwords securely. It allows you to have individual passwords for each account and store them encrypted in the Nitrokey. Maximum 16 passwords.