100%(1)1 out of 1 people found this document helpful
This preview shows page 75 - 77 out of 170 pages.
href="-laptops/">we were partnering with Nitrokey to produce a new security token: the Librem Key</a> and I’m pleased to announce that today the Librem Key is <a href="">available for purchase on our site</a> for $59.</p><p><img class="alignnone size-full wp-image-58984" src="-content/uploads/2018/09/librem-key-shadow-bg.png" alt="" width="960" height="540" srcset="960w, 300w, 768w, 600w" sizes="(max-width: 960px) 100vw, 960px" /></p><h1>What is a USB Security Token?</h1><p>In case you haven’t heard of USB security tokens before, they are devices typically about the size of a USB thumb drive that can act as “something you have” for multi-factor authentication. With so many attacks on password logins, most security experts these days recommend adding a second form of authentication (often referred to as “2FA” or “multi-factor authentication”) in addition to your password so that if your password gets compromised the attacker still has to compromise your second factor. USB security tokens work well as this second factor because they are “something you have” instead of “something you know” like a password is, and because they are portable enough you can just keep them in your pocket, purse, or keychain and use them only when you need to login to a secure site.</p><p>In addition to multi-factor authentication, security tokens can also often store your private GPG keys in a tamper-proof way so you can protect them from attackers who may compromise your laptop. With your private keys on the security token, you can just insert the key when you need to encrypt, decrypt, sign, or authenticate and then type in your PIN to unlock the key. Since your private keys stay on the security token, even if an attacker compromises your computer, they can’t copy your keys (and even if you leave the key plugged in, they need to know your PIN to use it).</p><h1>Why Make a Librem Key?</h1><p>There are many other vendors out there who offer their own security tokens, so why make our own? The first reason is that few security tokens out on the market align with our values here
at Purism, in particular with respect to freedom. I’ve explained in a previous post <a href="">why freedom is essential to security and privacy</a> and this is especially true for a device that is holding some of your most sensitive secrets. We wanted a security token that used open hardware, free software firmware, and free software user applications and that is why we partnered with Nitrokey to produce a security token that respected your freedom from the beginning.</p>