Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Encryption

jawtheshark's Journal: Ask Slashdot: Full disk encryption with hardware token 4

Journal by jawtheshark

I've been tasked to look into full disk encryption for the company I work for. We're talking just five laptops running Windows XP or Windows 7 that will need it. The other branches are going with TrueCrypt and I do have experience with TrueCrypt. It works fine, but only requires a password. I investigated it and I thought I could "emulate" a two-factor authentication by having a password plus providing a USB stick with a keyfile. Turns out that this is not possible with Truecrypt and full disk encryption.

I did Google around a bit, but I have no real comprehensive overview of "good" products. So, I ask the crowd here: what full disk encryption with two factor authentication do you use. Are you satisfied with it? Pitfalls to avoid.

This discussion has been archived. No new comments can be posted.

Ask Slashdot: Full disk encryption with hardware token

Comments Filter:
  • I use truecrypt now on my windows machines and whatever is baked into Fedora on my linux machines. Having two-factor authentication would be really nice on my travel laptop which is running win7. Though it would need to be something I wouldn't lose.

    • The journal was submitted as a story, because I thought it would be of general interest. Give it a push if you like.
  • According to Wikipedia [wikipedia.org], one of the options for bitlocker is to work with TPM's pin plus a USB Key. Doesn't help your WinXP systems much, though.

    Wikipedia says there are a lot more options than I thought [wikipedia.org], but their table layouts are terrible and doesn't actually mention supported versions of windows so you'd have to go one table and figure out which one has the features you want ("full disk encryption" isn't specifically named, but I'd assume that pre-boot authentication is a pre-requisite at least) then lo

    • Interesting... Thanks for all the information! I'm pretty surprised these is that much software doing this.

CChheecckk yyoouurr dduupplleexx sswwiittcchh..

Working...