Nitrokey / nitrokey-3-firmware

Nitrokey 3 firmware
Apache License 2.0

Support some kind of touch sequence to type stored secrets without support from an OS application #500

Open aitorpazos opened 4 months ago

aitorpazos commented 4 months ago

Summary

Sometimes I want to use static secrets stored on my Nitrokey in circumstances where there is no support from the OS. It would be great if Nitrokey could type those secrets after following some touch sequence.

Example scenario

I may be provided a laptop from my employer on which I need to enter some password early in the boot process (e.g. BIOS boot password, disk encryption password, etc.). At this point I cannot rely on any script that uses nitropy, and I may ask to use different auth mechanisms, but that won't happen short term.

Possible solution

If I could configure a sequence of touches for some static secrets that would type the secret, that would help. The sequence itself will be somewhat of a password to unlock that secret.

daringer commented 4 months ago

On a technical level this means the Nitrokey needs to (fake) register as a keyboard - at least as far as I know this is how it's done on the Yubikeys - and from a security point of view we are not convinced that the added convenience outweighs the accompanying misuse potential. On top of that, the "touch sequence" you suggest can most likely not work consistently, as the touch button is not reactive enough to easily do something like "short-long-short" touch-sequence recognition.

In short this means that this will most likely not come in as a default (activated) feature - we are considering this as a configurable feature, but at this point this is not much more than an idea without planned activities yet.
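To make the two points in this thread concrete (the "sequence as a password" idea from the request, and the timing-reliability concern from the reply), here is an added Rust example that is not part of nitrokey-3-firmware or anything the maintainers have written. It assumes hypothetical press-duration thresholds (`DEBOUNCE_MS`, `LONG_MS`, `MAX_PRESS_MS`) and a firmware that already measures how long the touch button was held; it classifies each press as short or long, rejects noise and stuck presses, compares the entered sequence against a stored one without early exit, and counts how many distinct sequences of a given length exist.

```rust
// Added example, not nitrokey-3-firmware code. Thresholds are assumed
// values for illustration only; a real device would need to tune them.

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Touch {
    Short,
    Long,
}

/// Presses shorter than this are treated as contact noise and rejected.
pub const DEBOUNCE_MS: u32 = 50;
/// Presses at least this long count as "long".
pub const LONG_MS: u32 = 600;
/// Presses longer than this are rejected (stuck or held-down button).
pub const MAX_PRESS_MS: u32 = 3000;

/// Classify one measured press duration; None means the press is rejected.
/// Note how a 590 ms and a 610 ms press land on opposite sides of LONG_MS:
/// a user cannot reliably hit either side by feel, which is the
/// consistency problem the maintainers describe.
pub fn classify(duration_ms: u32) -> Option<Touch> {
    if duration_ms < DEBOUNCE_MS || duration_ms > MAX_PRESS_MS {
        None
    } else if duration_ms >= LONG_MS {
        Some(Touch::Long)
    } else {
        Some(Touch::Short)
    }
}

/// Classify a whole sequence of press durations. Any single rejected press
/// invalidates the entire sequence rather than silently dropping it.
pub fn classify_sequence(durations_ms: &[u32]) -> Option<Vec<Touch>> {
    durations_ms.iter().map(|&d| classify(d)).collect()
}

/// Compare an entered sequence against the configured one. For equal
/// lengths the loop runs to completion regardless of where a mismatch is,
/// so the comparison does not leak the mismatch position through timing.
pub fn sequence_matches(entered: &[Touch], expected: &[Touch]) -> bool {
    if entered.len() != expected.len() {
        return false;
    }
    let mut diff = 0u8;
    for (a, b) in entered.iter().zip(expected.iter()) {
        diff |= (*a as u8) ^ (*b as u8);
    }
    diff == 0
}

/// Number of distinct short/long sequences of the given length: 2^len.
/// This is the entire "password" space such a sequence can offer.
pub fn pattern_space(len: u32) -> u64 {
    1u64 << len
}

fn main() {
    // Constructed sample: the user intends "short-long-short" but the
    // second attempt has a press that sits close to the long threshold.
    let configured = [Touch::Short, Touch::Long, Touch::Short];
    for attempt in [&[200u32, 800, 150][..], &[200, 590, 150][..], &[200, 20, 150][..]] {
        match classify_sequence(attempt) {
            Some(seq) => println!(
                "{:?} -> {:?}, matches configured: {}",
                attempt,
                seq,
                sequence_matches(&seq, &configured)
            ),
            None => println!("{:?} -> rejected (noise or stuck press)", attempt),
        }
    }
    println!(
        "a {}-touch sequence has only {} possible values",
        configured.len(),
        pattern_space(configured.len() as u32)
    );
}
```

Two things the example makes visible that the prose only states: the boundary between short and long is a hard threshold, so any press near it is classified by luck rather than intent, and a sequence of n touches has only 2^n possible values, so even a long sequence is far weaker than an ordinary PIN, which is worth keeping in mind when deciding whether such a feature should be enabled by default.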