Blog

How simple isn’t it?

This video shows how simple it is to log in to a site using a 128-character password stored in KeePassXC and a Nitrokey FIDO U2F stick for two-factor authentication.

No password is stored in my web browser nor in the cloud.

Central parts for keeping my integrity

Nitrokey Pro, Nitrokey FIDO U2F and USB flash drive

Central parts for me to keep my privacy and integrity are my:

Nitrokey Pro

The Nitrokey Pro stores the private part of my GnuPG key. If someone finds a way to break into my computer, they can’t download my private key.

The Nitrokey Pro also acts as a Time-based One-time Password (TOTP) generator. This way I don’t need to use my smartphone, which could be hacked, to generate these passwords. TOTP codes are used when logging in to sites, giving enhanced security compared to using only a long password.

I also use my Nitrokey Pro to store some long passwords.

These passwords are protected by a relatively short password, but after three tries the Nitrokey Pro is locked forever.

Nitrokey FIDO U2F

My Nitrokey FIDO U2F works as a security key when logging in to sites. This is an easier way of enhancing my security compared to using a TOTP generator.

Just connect the Nitrokey FIDO U2F when asked and click on it and you are logged in.

USB flash drive

My USB flash drive is divided into one FAT partition and one LUKS encrypted partition.

I use the FAT partition to store my KeePassXC password file, making it very easy for me to bring it from computer to computer. I use the LUKS encrypted partition for backing up files in clear (as the partition itself is encrypted).

Waiting at an airport

How difficult could it be to offer power sockets to the public at airports?

The worst airport I’ve been to in modern times is Leipzig-Halle Airport in Germany. Maybe it’s just my computer that needs to be recharged, but I kindly ask every airport operator to install more power sockets!

Time-based One-time Passwords

Nitrokey Pro

OMG – I’ve just found out that I can use my Nitrokey Pro to generate Time-based One-time Passwords, also known as TOTPs.

So far I thought I had to use a mobile app when Twitter, GitHub and other sites ask for Two-Factor Authentication, 2FA, using a mobile app – but I now know I can use my Nitrokey Pro. As I really don’t trust Android, since it’s a Google product, I haven’t considered using one of those apps.

Normally, as far as I understand, you get a QR code to scan with the camera in your phone, which adds the code to the app so that it can later generate the TOTP codes, but you can also get the code in clear text.

Just copy this clear text into one of your Nitrokey Pro TOTP slots and voilà – you can now copy the TOTP back whenever you want to log in to your account!

For info about which sites support TOTPs, please see dongleauth.info.