Password protected USB storage - for passwords..

Toggle sidebar Toggle sidebar
N

nostob

Distinguished
Nov 1, 2009
80
2
18,635
I am looking for a USB stick with encryption for strong passwords and some key data.

Some models I found:
- Eikon To Go USB Fingerprint Reader
- Integral® 8GB Crypto Drive - FIPS 197 Encrypted USB
- Corsair 16 GB Padlock 2 USB 2.0 Flash Drive CMFPLA16GB
- Apricorn Aegis Secure Key FIPS Validated 4 GB USB 2.0 256-bit AES-CBC Encrypted Flash Drive ASK-256-4GB
- Kingston 16 GB Digital Data Traveler Locker


I want to make sure that the stick would work with no client installation.

Any advice?
 
Solution
A
I own several Apricorn Aegis Secure Keys (two 4G and a 16G), and I can confirm that there is no software to install. Based on your needs it sounds like the perfect device for you.

I use mine daily with a mix of Windows 7/8/8.1, OSX 10.9, and Debian & Ubuntu.

Using it is very simple:

  • ■ You unlock the device via its keypad before plugging it into the USB port (it has an internal battery).
    ■ Once unlocked, a green LED turns on, and then you plug it into a USB port.
    ■ It appears to the system as a standard USB Flash Drive.
Unique features of this device vs. other I've used previously:

  • ■ Self-Contained encryption,
    ■ protection from brute-force via auto-wipe,
    ■ keypad has separate keys for every number (unlike the...
Sort by date Sort by votes
Tom Tancredi

Tom Tancredi

Judicious
May 9, 2013
4,999
0
32,960
Sadly, all instances of such devices REQUIRES client installation, because without the 'client' software to create the encryption to access the 'device' (be is a USB drive or a safe itself) that is already encrypted it can't "speak" the code to access the device.

Also the computers require the users have Admin Access, as encryption and decryption is a high level Admin function, and only the admin accounts can make the software work. With previous policies having conflicts like this, normally it was okay to allow a 'local Admin' account (if these are business machines on a desktop) that all the users (normally laptop users) had as a generic account on the machine, and a added 'signed document' holding them responsible if the Domain Accounts and Domain security scans found they were going beyond the instructed 'use' of the Admin account.
 
Upvote 0 Downvote
M

mbarnes86

Splendid
Sep 16, 2010
3,839
7
26,965
Hi

Read up on which ever one you plan to use, ensure it is guaranteed to work in Win 7 & 8 on a restricted account
They usually have 2 partitions the first emulating a cd rom which is read only and contains the client software

Make sure there is a password which can over ride the finger print

A few years ago we were still using XP and a finger print bio USB memory stick
The first problems occurred when we went over to win 7 every one had restricted user accounts on a domain and could not use them any more

In addition USB ports were locked down against USB memory devices
They could be enabled for a class of device on a nominated PC

But the device type seen in device manager was based on an embedded serial number rather than a make & model number so each one would need enabling for each PC

The IT department refused to do this as it was too time consuming

Regards
Mike Barnes
 
Upvote 0 Downvote
N

nostob

Distinguished
Nov 1, 2009
80
2
18,635
Thanks.

So, Integral seems to say the right things in their spec sheet:
http://integralmemoryusa.com/sites/default/files/products/specifcations/Integral_Crypto_PC_and_Mac_FIPS_197_Encrypted_USB.pdf

The Apricorn states that it is OS independent, not sure if this is true or not. I like the idea of an onboard keybord,
http://www.apricorn.com/aegis-secure-key.html

The Corsair also has an onboard keyboard and states to be compatible with win7. However, doesn't mention anything about the admin access.
http://www.corsair.com/en-us/flash-padlock-2-16gb-usb-flash-drive

Sam for Kingston: OS yes, admin ?
http://www.kingston.com/datasheets/dtlpg3_us.pdf
http://www.corsair.com/en-us/flash-padlock-2-16gb-usb-flash-drive
 
Upvote 0 Downvote
Tom Tancredi

Tom Tancredi

Judicious
May 9, 2013
4,999
0
32,960
Apricorn would be the unique solution, as the manual states your only using a PIN which is only typed onto the device itself to 'unlock and lock' the USB device itself from use. This is similar to the RSA KeyFoB as a self powered 'key' to a system. Hence why it is 'OS independent', as no 'software' is needed to run the encryption or decryption, the 'rechargable battery' is providing that on the key itself. That said there is a *BUT* if the USER never put the key in THAT specific USB slot (say they put it on the left slot instead of right slot the Admin used before) then the device would need to be 'installed' which is still a Admin function.

All the others YES require a ADMIN account to run the decryption / encryption software
 
Upvote 0 Downvote
A

azrobbo

Reputable
Mar 23, 2014
1
0
4,520
I own several Apricorn Aegis Secure Keys (two 4G and a 16G), and I can confirm that there is no software to install. Based on your needs it sounds like the perfect device for you.

I use mine daily with a mix of Windows 7/8/8.1, OSX 10.9, and Debian & Ubuntu.

Using it is very simple:

  • ■ You unlock the device via its keypad before plugging it into the USB port (it has an internal battery).
    ■ Once unlocked, a green LED turns on, and then you plug it into a USB port.
    ■ It appears to the system as a standard USB Flash Drive.
Unique features of this device vs. other I've used previously:

  • ■ Self-Contained encryption,
    ■ protection from brute-force via auto-wipe,
    ■ keypad has separate keys for every number (unlike the corsair padlock), and
    ■ FIPS 140-3 validated.
The cons for me:

  • ■ USB 2 only,
    ■ relatively expensive,
    ■ drive "cover" is not attached and easy to misplace.
I hope this helps.
 
Upvote 0 Downvote
Solution
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom