• boredsquirrel@slrpnk.net
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      6 months ago

      opportunistic TPM integration would be nice.

      I.e. use the security chip of the device, if one is found. Otherwise use password.

      OR use a Nitrokey etc, which can act as a secure device to store these keys too.

      Take that, Windows. You dont need a builtin TPM if you can use a Nitrokey 3 with a secure element, externally.

    • Evotech@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      No your don’t understand, you’re supposed to encrypt the keys.

      Then you encrypt that key

      And then that key

      Until it’s all encrypted /s