• Your shopping cart is empty!



Full-Disk-Encryption (FDE) technology protects data at rest by transparently (to the user) and at low level encrypt all data stored on the hard drive of a protected computers and is considered the most complete protection of such data.

Most FDE solutions implement a Pre-Boot Authentication environment (PBA), frequently implemented as a hardened – not network connected – lightweight operating system kernel, to which the user must successfully authenticate at boot time in order for the key to be recreated and provided to the encryption driver or to the encrypting disk so that the normal host operating system can start.

There are various two-factor authentication options available in commercial FDE products. However, most of the options require installation of additional hardware e.g. smart card readers and/or special drivers. YubiKey on the other hand is simple to use and has following distinct advantages:

• Does not require any additional hardware to be installed
• Uses standard USB port that is virtually ubiquitous on all personal computers used today
• YubiKey in Challenge-Response mode does not require network access in the pre-boot environment


• YubiKey Hardware
• Personalization Tool

How to implement YubiKey + FDE

• Implementation Guideline (pdf)

This guide shows how YubiKey two-factor authentication in Challenge-response mode can be implemented to work seamlessly in FDE products.

Wieso YubiKey

Für welche Anwendungen eignet sich YubiKey?

  • Computer Login (Microsoft, Apple Mac OS X und Linux)
  • Safari, Firefox, Internet Explorer, Microsoft Edge
  • Google Apps, Gmail, Dropbox, Facebook, Salesforce sowie andere Internetdienste
  • CMS (Joomla, Wordpress)
  • Passwort Manager (LastPass, Password Safe, KeePa, etc.)
  • Single Sign-On (SSO)und SAML
  • Remote Access & VPN
  • Integration in Software oder IT-Systeme
  • Serversicherheit
  • Festplattenverschlüsselung
  • IDO U2F (Universal 2nd factor)

Welche Vorteile hat YubiKey?

  • ein einziges Tool für viele Funktionen
  • schützt zuverlässig vor fremden Zugriffen, pishing, hacking
  • sicherer als Passwörter und andere Authentisierungsverfahren
  • extrem einfach zu nutzen
  • spart Zeit bei User und Supporter
  • immer verfügbar: braucht keine Batterie und keine online Verbindung
  • braucht keine Treiber oder spezielle Software
  • klein und leicht
  • wasserfest und bruchsicher