Nitrokey and Nextcloud Collaborate on Securing Private Clouds

Nextcloud lets users access and collaborate on documents, calendars and in video chats in the browser or through mobile apps. Over 200 apps extend Nextcloud functionality with features like playing music and movies, tracking your phone, reading news, mindmapping and more. It is by far the most popular private cloud software, 100% open source, developed by a community and used by millions of home users as well as organizations like Siemens, the German Federal Government and many more.

Self-hosting a Nextcloud gives users 100% control over their data, protecting their privacy. But privacy doesn't exist without security and Nextcloud offers many security features like two-factor authentication (2FA), brute force protection, server and client side encryption and much more. Nitrokey’s security and encryption devices are a perfect match.

Second-Factor Keys

The Nitrokey Pro 2 and Nitrokey Storage 2 devices have been verified to work correctly with Nextcloud’s one-time passwords for secure two-factor authentication (2FA). This protects users’ accounts in the event of compromised passwords. Furthermore the USB keys feature a password manager, a cryptographic key store for email encryption and SSH administration. In addition the Nitrokey Storage 2 contains an encryption mass storage drive with the option of hidden volumes.

Password-Less Login Experience

FIDO2 authentication makes it possible to replace insecure and complicated password logins with secure and fast login experiences across websites and apps. FIDO2 uses the W3C’s Web Authentication specification (WebAuthn) and FIDO’s Client-to-Authenticator Protocol (CTAP2), which together let users use a device to easily authenticate to online services — in both mobile and desktop environments.

In simpler terms, to log in to your Nextcloud (or another webservice) you just insert your Nitrokey and click a button or two to approve the login.

Nitrokey and Nextcloud are both starting to work on FIDO2 support and have agreed to collaborate on this, making sure Nitrokeys can be used to seamlessly log in to Nextcloud systems. More news is likely to come during the Nextcloud Conference in Berlin later this year.

Enterprise key management

Nitrokey and Nextcloud will explore further collaboration, seeking ways to provide enterprises and private users with even better, more advanced security measures in the future. One of these areas are Nextcloud installations in enterprises providing end-to-end encryption and demanding a secure way to store cryptographic keys. This is where Nitrokey HSM can provide a central key store to securely store keys and at the same time enable the organization protected access to their keys. Here Nitrokey HSM’s m-of-n access scheme allows to define a group of authorized administrators and to protect the keys against a single malicious administrator. Also, encrypted key backups are essential in order to fulfill compliance and availability requirements.

23.10.2019

Comments

Please make Nitrokeys in different colors (red, green, blue, orange, white, purple, yellow).
If you just want to distinguish devices, we are offering an option to label devices with serial numbers.
Does the Nitrokey Pro 2 support FIDO2 or is it only the Nitrokey FIDO U2F?
It's only our upcoming Nitrokey FIDO2. But in most cases FIDO U2F is sufficient today, unless you want to use passwordless login with Microsoft systems.
Ich möchte mich auf unzähligen Websiten mit unterschiedlichen Anmeldedaten anmelden. Benötige ich den Nitrokey Pro 2 oder den Nitrokey FIDO2? Bisher nutze ich KeepassXC mit Browser-Erweiterung, das möchte ich gerne mit einem Nitrokey ablösen bzw. ergänzen.
Das hängt von den jeweiligen Webseiten ab. Auf http://dongleauth.com/ findest Du eine Auflistung und Info welche Webseite OTP oder FIDO verwendet. Davon hängt ab ob Du den Nitrokey Pro oder Nitrokey FIDO2/U2F verwenden kannst.

Add new comment

Fill in the blank.