It seems like the benefits are having the device lock/wipe itself after a set amount of attempts in case of a brute force attack and not having to run software to decrypt the drive on the device you plug it into.
I included a picture of the IronKey Keypad 200 but that’s just because it’s the first result that came up when I was looking for an example. There seem to be a few other manufacturers and models out there and they probably have different features.
I am curious what do you think of them? Do you think they are useful? Do you find it more a novelty?
It was an ExplainingComputers video titled Very Useful Small Computing Things that made me think of them.
One thing I can tell you, it’s that you can’t use them as bootable drives to install an OS from. And if you try to pass the USB connection from an ESXi host to a VM on it, it won’t work.
Aside from that, they’re really annoying to work with.
Didn’t use ironkey specifically but you can totally boot from an apricorn. Basically involved plugging it in, rebooting the machine, and VERY rapidly entering the unlock code before the bios finishes starting up and gets to the “so which drives are bootable?” phase.
It was hellish but it was also corporate policy to not use any USB storage devices that did not have a keypad for encryption. And DVDs were strongly controlled by the IT department (who were about as stupid as you would expect to have signed off on a policy like that).
If you are lucky enough to know the admin key for the apricorn drives you can put them in lock override mode which keeps it unlocked till it completely loses power off the USB bus
Ah it was easy enough to get the iron key unlocked during post, as those HP servers take forever to boot, problem was the bios couldn’t recognize the USB. Whatever firmware is on it that does the security confused the system, and while it saw the drive, it didn’t know what it was and wouldn’t boot from it. In both uefi mode, and in legacy bios mode