Comparing open source security tokens/OTP generators/UFA tokens/PGP Smartcards, it seems the product from secalot has the most features for a similar price as the alternatives. It also has open source software and hardware.<p>https://www.secalot.com/<p>Has anybody tried it and can compare it to more popular alternatives like the yubikey or the nitrokey?<p>How would you rate this from a security aspect?
From the security point of view the most obvious difference to me is that Nitrokey contains a secure element while Secalot doesn't. (Secalot contains a microprocessor with cryptographic acceleration but don't confuse this with a secure element.) Secure elements are secure key stores which protect against extraction of cryptographic keys by malware and by physical attackers.<p>Also Secalot seems to be a small project while Nitrokey is a (small) company, which might influence quality of security and maintenance too.<p>Disclaimer: I'm with Nitrokey UG.