Questions about PasswordManager and OTP

unfortunately I couldn’t find any information on your homepage. I’ve got a few questions regarding the nitrokey pro.

  • how many passwords can I store with the password manager on the stick?

  • how many slots for different OTP are on the stick?

  • where are the OTP-shared secrets and the password from the pw-manager stored?

  • how is this storage protected? how is the access secured?

  • is it possible to change the opengpg card? e.g. if a new version with support for ECC cryptography is released some day.

thanks a lot!


15 x TOTP, 3 HOTP

In the microprocessor.

The passwords from the Password Manager are encrypted and always PIN-protected. Access to the OTPs can be PIN-protected. The read-protection bit of the microprocessor is enabled and prevents reading through JTAG.

Replacing the smartcard with another OpenPGP Card 2.1 is possible. Whether replacing it with a future version works depends on if the future version is backward-compatible or not. :slight_smile: