Encryption Keys on Hardware Token


BestCrypt Volume Encryption can store encryption keys for volumes on hardware SafeNet (former Aladdin) eToken Pro and eToken Java removable devices connected to USB port. Detailed information about the devices is available on SafeNet Web site: http://www.safenet-inc.com.

When eToken supporting drivers are installed, BestCrypt Volume Encryption enables option Use SafeNet eToken to store encryption key in the dialog window appeared when you encrypt volume. If you choose the option, you will have to enter passphrase for the eToken you have inserted. The following picture shows the dialog window.


Encrypt Volume

If encryption key for volume is stored on eToken, accessing such encrypted volume will require the eToken device connected to USB port and entering an appropriate passphrase. Encrypted data cannot be accessed without any of these Two Factors: without knowing passphrase for the eToken or without the eToken device itself.

BestCrypt Volume Encryption has also a functionality allowing the user to backup encryption keys from one eToken to another and, if needed, completely delete encryption keys from eToken. Read more detail about the functions in Managing Keys on Hardware Token article.


eToken with encryption key for volume is required only for mounting the volume. After that you can remove the eToken from USB port and continue normal work with the mounted volume. The volume can be dismounted at any time by running Volume->Dismount Encrypted Volume command. Such a way of managing eTokens is chosen to minimize advertizing your use of eToken. Besides, it minimizes risk of losing eToken device.


See also: