HW button to confirm signature/key access

[breznak]

Hello,

I'm comparing your NitroKey to Yubikey2 HW, where I'd like to prefer your solution, mainly for it's OSS both HW & SW, and that it's made in Germany.

I missing feature I find is that yubikey has a HW button that needs to be pressed to confirm action each time the donge is to be used. Why is this missing in NitroKey? Would you plan to implement it in future generations?

[jans23]

The reason is, that its significant effort. We will consider a button for the next major revision but its not decided and not planned yet.

[breznak]

..Ok, thanks for considering. You might want to make a poll about requested features. I introduced NitroKey to a local community and the lack of manual confirmation was the most often raised concern.

[jans23]

Was it kind of hacker and IT-pro community?

[lrvick]

Huge +1 on this. It is the primary blocker for rolling out Nitrokeys instead of Yubikeys in my organization.

[aharonh]

+1 for this from here as well. What would otherwise prevent malicious software from using my keys without my intention? Taking the key in-and-out each time makes the probability to loose the key significantly higher, and as there is no implementation of internal key-duplication to another stick (as far as I understand) that puts the credentials/data/money in real danger. I'd be glad to learn that I am missing something in the work-flow with the key that disproves the point above.
Also, is there any advancement in this field in the 2 years that have passed since the question was raised?

[breznak]

Was it kind of hacker and IT-pro community?

Both hacker/privacy people, but importantly also corporate

[mfp20]

Same issue here: I'd prefer Nitrokey becouse of its strong OSS commitment ... but find it useless without a button independent from the host. In my case I'd like to have it connected to my desktop keyboard's usb port, so to have it handy each time I need to use it; and have to unplug only when my (usually day-long) session ends.