Thinking of buying

Hi folks, be gentle I’m new.
I the light of hacks and data breaches I want a hardware key and the 3 with the big USB might be it.
That said I know nothing about python code etc.
Is there a helpful soul out there who can spoon feed me the basics of what why and how. The list of uses is baffling.
I’ve never felt so old…

Help a guy out please


you don’t need to code python to use the NK3 functionality. However, up to now a number of device features are only available by a non-graphical python application with rather sparse documentation Nitrokey provides (“nitropy”). So you need to be able to install that - which you can try without owning a key. Some NK3 applications are mainly used via third-party apps anyway. For example, fido via a webbrowser.

With respect to the wide array of usecases you best look into what you want to secure with a hardware key and go from there, check if Nitrokey has documentation for it or users have discussed it here.

So, if I were to update the nk3 to the current firmware I would be able to use the key as a basic physical password enhancement for amazon Google eBay?

And the other features, well I probably wouldn’t use them anyway.

Honestly, would I be better off with a yubico key?
no shade to this product but maybe open sauce isn’t for me.

Thanks for helping me

There are different standards to either replace basic passwords with a hardware token, or enhance them with it as a second factor. I can’t tell you out the head, if amazon and ebay support FIDO2 but they probably do (you find a directory of working services in the FAQ).

You don’t need to update the NK3 firmware for that, but you can keep it up to date as they actively develop it. Yubico does not offer updates for the firmware at all, but tend to be more mature and established (accepted) by services. Nitrokey’s NK3 offers more storage, equating to more slots or passwords to store than the other brand (if you need many).

Frankly, I’d start with any to see how it works for you. Once you get the hang of it, you might want to order a second to have a backup in case your day-use key breaks (or you lose it). Since most functionality is web-standard based, keys implementing the standard right should work. Some exceptions may apply, for example for banks only accepting certain keys.

You have been very helpful, thanks

Cool, you’re welcome.

except for OpenPGP keys, which are limited to 3