Header Image


emails, files, hard drives, server certificates and online accounts

Nitrokey enables

  • Secure Login

    Login to websites (e.g. Google, Facebook) using secure One Time Passwords (OTP), U2F or ordinary static passwords. Login to computers and network services (e.g. SSH) using certificates.

    read more
  • Email Encryption

    Encrypt your emails with GnuPG, OpenPGP, S/MIME or your favourite email client. Keep your secret keys secure on your Nitrokey.

    read more
  • Encrypted Mobile Storage

    Carry important data with you, hardware-encrypted on your Nitrokey Storage device (16-64 GB). Compatible with Windows, Linux and Mac OS.

    read more
  • Hard Disk & File Encryption

    Encrypt your hard disks and files using TrueCrypt/VeraCrypt, GnuPG Tools and more. Keep your secret keys secure on your Nitrokey.

    read more
  • Key and Certificate Management

    Protect your server certificates by using up to 300 cryptographic keys with the Nitrokey HSM. Ideal for security servers, Public Key Infrastructures (PKI) and Certificate Authorities (CA).

    read more
  • Server Administration with SSH

    Manage your servers, critical infrastructure, and Internet of Things (IoT) not just securely but also more easily. Administrators no longer require to synchronize key files between their desktops or remember complex passwords. Nitrokey acts as a mobile latch key to your servers by using Secure Shell (SSH), providing 2FA always at hand.

    read more

Nitrokey is better

  • High Security

    Your secret keys are stored in the tamper-resistant and PIN-protected device and are secured against computer viruses, other malware, phishing, loss, theft and brute-force attacks.

    read more
  • Made in Germany

    Nitrokey is developed and produced in Germany, primarily in Berlin. For the sake of higher quality and security, we do not use cheap overseas manufacturing.

  • Independent Security Assessment

    The auditing company Cure53 performed an intensive security review of the Nitrokey Storage. The security experts summarize their results with "Nitrokey is capable of functioning properly and securely" (see final report available here FirmwareHardware).

    read more
  • Open Source

    Both hardware and software are open-source, free software and allow independent security reviews. Customisable, no vendor lock-in, no security via obfuscation, no hidden security issues!

    read more
  • Complete USB plug

    Unlike some competitors, Nitrokey contains a complete and standard compliant USB plug. This ensures thousands of insertions without connectivity issues.

  • No Backdoors - No NSA

    Installed firmware can be exported and verified, preventing attackers from inserting backdoors into products during shipping. Nitrokey is open-source and free of backdoors. Secret keys are generated only by you and we have no access to your private information.

  • Plausible Deniability

    The only hardware solution with hidden encrypted storage. This allows you to plausibly deny the existence of encrypted data, for example during border controls.

  • Easy Integration

    Nitrokey uses open interfaces and open drivers to enable its easy integration with your personal requirements. Custom solution can be provided on request.

  • Better Than Software

    The Nitrokey hardware functions independently of any operating systems and protects your secret keys against theft, loss, user mistakes, phishing, brute-force attacks, computer viruses and other malware.

  • Sustainability

    The sustainable development and production of Nitrokeys contributes to a sustainable environment and society.

    read more
Illustration: How Nitrokey works

How Nitrokey works

Protect emails, files, hard drives, server certificates and online accounts using cryptography. Your private keys are always stored securely in the Nitrokey hardware and can't be stolen. The device is PIN-protected and is secured against brute force and hardware attacks. Backups protect against loss.

The Nitrokey Family

  Nitrokey Storage 2 Nitrokey Pro 2 Nitrokey Start Nitrokey HSM 2 Nitrokey FIDO U2F
  Nitrokey Storage Nitrokey Pro Nitrokey Start Nitrokey HSM Nitrokey U2F
Open source
Tamper-resistant smart card    
S/MIME email and hard disk encryption (X.509, PKCS#11)  
OpenPGP/ GnuPG email encryption    
Secure login (One Time Passwords)      
Password Manager      
Encrypted mass storage        
Hidden volumes        
Firmware updates and verification      
RSA key length [bit] 2048 - 4096 2048 - 4096 2048** 1024 - 4096  
Number of RSA key pairs 3* 3* 3* 38  
ECC key length [bit] 256 - 521 256 - 521 256 192 - 521  
Elliptic curves NIST P, Brainpool NIST P, Brainpool NIST P, Curve25519, SECG/Koblitz NIST P, Brainpool, SECG/Koblitz  
Number of ECC key pairs 3* 3* 3* 300  
PKI/CA management features        
Secure login (FIDO U2F)        
Factsheet Nitrokey Storage 2 Nitrokey Pro 2 Nitrokey Start Nitrokey HSM 2 Nitrokey FIDO U2F
Price Starting from € 109.00 € 49.00 € 29.00 € 59.00 € 22.00
  Buy Buy Buy Buy Buy

* Stores the key pair (RSA or ECC, if available) for one person/identity only. Technically these are 3 key pairs because GnuPG uses subkeys.

** 4096 bit are supported but each operation takes ca. 8 seconds.

Selection of our customers


  • Nextcloud lets users access and collaborate on documents, calendars and in video chats in the browser or through mobile apps. Over 200 apps extend Nextcloud functionality with features like playing music and movies, tracking your phone, reading news, mindmapping and more.
    11 May 2019
  • Gentoo logo
    The Gentoo Foundation has partnered with Nitrokey to equip all Gentoo developers with free Nitrokey Pro 2 devices. Gentoo developers will use the Nitrokey devices to store cryptographic keys for signing of git commits and software packages, GnuPG keys, and SSH accounts.
    17 April 2019
  • We are excited to announce the long awaited Nitrokey HSM 2. Finally it supports highly secure cryptography with RSA-4096, ECC-521, AES-256, and SHA-512. Supported elliptic curves are: SECG / NIST P-192, P-256, P-521; Bitcoin Koblitz curve secp192k1, secp256k1, secp521k1; Brainpool 192-512. The storage capacity has been increased significantly to store 300x ECC/AES-256 keys, 150x ECC-521 keys, 19x RSA-4096 keys, or 38x RSA-2048 keys. What Nitrokey HSM 2 is used for:
    15 March 2019