We are planning to rollout Nitrokeys for al our users. But the most important question arising is: How to manage those keys? For personal usage by technically educated users it’s fine, but what about business usage?
-
Authentication Methods: What authentication Methods are the most important for flawless usability and a high level of security (phishing resistance)? Windows Login works with PIV, but PIV requires a fully setup and working PKI first if I understand that correctly. FIDO2 is best for passwordless webservice authentication but requires an identity provider. (We can’t and won’t use MicrosoftEntraID for all our users.) We’re testing around with keycloak atm. What do you use?
-
Backup: Not all Authentication options support backups (FIDO2 for example). So how do you handle lost or broken keys? I can’t see a convenient business workflow yet. Our users are definitly not able to handle backups of their keys themselves. So how do you manage the user-keys in your orgs?