Hi there,
I have been scanning the available documentation but could not find an answer with regards to the question, how many credentials can be stored on a Nitrokey 3.
That says 100 passwords, not server-side key pairs per account, doesn’t it? I also would like to understand how Nitrokey compares to Yubi at a max of 25 secrets and Titan’s 250.
I’d really like to see the same precision of documentation of these key features as Yubikey provides in the link I provided in the starting post:
FIDO2 - the YubiKey 5 can hold up to 100 discoverable credentials (AKA hardware-bound passkeys) in its FIDO2 application. OATH-TOTP - the YubiKey 5’s OATH application can hold up to 64 OATH-TOTP credentials (AKA authenticator codes). PIV - the YubiKey 5’s PIV (smart card) application has 4 usable slots per the PIV specification, each serving a specific purpose (authentication, digital signature, key management, and card authentication - click here for further information). In a Microsoft Windows environment and used in conjunction with the YubiKey Smart Card Minidriver, the number of usable certificates expands to approximately 12 (dependent upon many factors including algorithm used as well as various certification authority settings - if RSA 4096 is used exclusively on 5.7 firmware YubiKey 5 Series, for example, that limit will be lower).
Confusing marketing speak like “100 passwords” from a flyer is a shame for a company with products directed at technical nerds like us. Even more so when discussing security topics.
The inability to answer this very basic level of question in an alleged “support” forum drives me to warn friends against using Nitrokeys as having poor crappy support in addition to subpar software quality (the windows app is “very poor” at best and even minor updates are scarce).
