Ask HN: What do you think about the Secalot hardware token?
Comparing open source security tokens/OTP generators/UFA tokens/PGP Smartcards, it seems the product from secalot has the most features for a similar price as the alternatives. It also has open source software and hardware.
https://www.secalot.com/
Has anybody tried it and can compare it to more popular alternatives like the yubikey or the nitrokey?
How would you rate this from a security aspect? From the security point of view the most obvious difference to me is that Nitrokey contains a secure element while Secalot doesn't. (Secalot contains a microprocessor with cryptographic acceleration but don't confuse this with a secure element.) Secure elements are secure key stores which protect against extraction of cryptographic keys by malware and by physical attackers. Also Secalot seems to be a small project while Nitrokey is a (small) company, which might influence quality of security and maintenance too. Disclaimer: I'm with Nitrokey UG. Interesting. That is a definitive plus for Nitrokey indeed. I wonder if they plan on creating a version that supports PGP and U2F. I really like the Nitrokey pro version, it is pretty much everything I need except for the U2F. Yes, a Nitrokey with OpenPGP Card and FIDO is planned. You can get notified directly by subscribing its newsletter at https://www.nitrokey.com/newsletter Any planned realease date? I'm considering waiting for the release of it.