Nitrokey and Nextcloud collaborate on securing private clouds

Post date

May 15, 2019


Jos Poortvliet

Stuttgart, Berlin, April 25 2018 – Nextcloud GmbH, supplier of the globally most deployed self-hosted content collaboration platform, and Nitrokey, developer if fully open and auditable security USB keys for two-factor authentication and cryptographic key storage, announce a collaboration to deliver Nextcloud users easy, reliable and secure second factor authentication solutions. Nitrokey Pro 2 and Storage 2 devices have been certified for Nextcloud and work has started to support FIDO2. Collaboration around end-to-end encryption is being evaluated.

Self-hosting a Nextcloud gives users 100% control over their data, protecting their privacy. But privacy doesn’t exist without security and Nextcloud offers many security features like two-factor authentication (2FA), brute force protection, server and client side encryption and much more. Nitrokey’s security and encryption devices are a perfect match.

The Nitrokey Pro 2 and Nitrokey Storage 2 devices have been verified to work correctly with Nextcloud’s one-time passwords for secure two-factor authentication (2FA). This protects users’ accounts in the event of compromised passwords. Furthermore the USB keys feature a password manager, a cryptographic key store for email encryption and SSH administration. In addition the Nitrokey Storage 2 contains an encryption mass storage drive with the option of hidden volumes.

FIDO2 authentication makes it possible to replace insecure and complicated password logins with secure and fast login experiences across websites and apps. FIDO2 uses the W3C’s Web Authentication specification (WebAuthn) and FIDO’s Client-to-Authenticator Protocol (CTAP2), which together let users use a device to easily authenticate to online services — in both mobile and desktop environments. In simpler terms, to log in to your Nextcloud (or another webservice) you just insert your Nitrokey and click a button or two to approve the login.

Nitrokey and Nextcloud are both starting to work on FIDO2 support and have agreed to collaborate on this, making sure Nitrokeys can be used to seamlessly log in to Nextcloud systems. More news is likely to come during the Nextcloud Conference in Berlin later this year.

Nitrokey and Nextcloud will explore further collaboration, seeking ways to provide enterprises and private users with even better, more advanced security measures in the future. One of these areas are Nextcloud installations in enterprises providing end-to-end encryption and demanding a secure way to store cryptographic keys. This is where Nitrokey HSM can provide a central key store to securely store keys and at the same time enable the organization protected access to their keys. Here Nitrokey HSM’s m-of-n access scheme allows to define a group of authorized administrators and to protect the keys against a single malicious administrator. Also, encrypted key backups are essential in order to fulfill compliance and availability requirements.

About Nextcloud
Nextcloud offers the industry-leading, fully open source, self-hosted Content Collaboration Platform, combining the easy user interface of consumer-grade cloud solutions with the security and compliance measures enterprises need. Nextcloud brings together universal access to data through mobile, desktop and web interfaces with next-generation, on-premise secure communication and collaboration features like real-time document editing, chat and video calls, putting them under direct control of IT and integrated with existing infrastructure.
Nextcloud’s easy and quick deployment, open, modular architecture and emphasis on security and advanced federation capabilities enable modern enterprises to leverage their existing file storage assets within and across the borders of their organization. For more information, visit or follow @Nextclouders on Twitter.

About Nitrokey
Nitrokey develops fully open and auditable security USB keys for two-factor authentication, cryptographic key storage and much more. Their devices are developed and produced in Germany, primarily in Berlin. No overseas manufacturing is used to ensure quality and avoid hardware security breaches. The installed firmware can even be exported and verified, preventing attackers from inserting backdoors into products during shipping. Nitrokey has many other unique features, like hidden encrypted storage for plausible deniability at border checks. Learn about their offering on their website.


Start the discussion at the
Nextcloud forums

Go to Forums
This site is registered on as a development site. Switch to a production site key to remove this banner.