It seems like the benefits are having the device lock/wipe itself after a set amount of attempts in case of a brute force attack and not having to run software to decrypt the drive on the device you plug it into.
I included a picture of the IronKey Keypad 200 but that’s just because it’s the first result that came up when I was looking for an example. There seem to be a few other manufacturers and models out there and they probably have different features.
I am curious what do you think of them? Do you think they are useful? Do you find it more a novelty?
It was an ExplainingComputers video titled Very Useful Small Computing Things that made me think of them.
Look up how hard it is for humans to remember long strings of numbers. That is WHY ICQ (and eventually phone numbers) were dropped almost immediately in favor of social media and the ability to exchange numbers just by tapping phones.
And in the time it would take to memorize a bar code (12-ish digits, depending on standard) you likely should be rotating that password anyway. And in the time it would take to memorize it you are also very blatantly reading off a sticky note as you “discretely” look at your notebook every time you want to access your password database in public. And if you aren’t in public? Why go through these extra steps when there are much better ways to secure this that are a lot more obvious if they are tampered with.
I get that a youtuber you like talked about this. Youtubers talk about a lot of stupid products in the interest of making Content. But maybe listen to the people who have experience with this kind of hardware and the kind of security theatre policies that make them “a good idea”.
I think you might be confused. I’m not saying these devices are good. I started the post by asking if people thought they were a novelty. I just don’t think it’s as black and white as you are making it out to be and we got off on a tangent about passwords.
I think often enough people have a few numbers memorized that they can use and a lot of the time they’re going to be too obscure to social engineer. I don’t think you could do some CSI Miami style deduction to easily find out a passcode that’s over ten digits in length.
I will admit you could probably brute force it and it’s going to take less time than an alpha numeric password.