When an IronKey is plugged into a laptop or desktop computer, the user must authenticate with a password before encryption keys are enabled and data and applications are accessible. Unlike software-based encryption, the IronKey Cryptochip does not export AES encryption keys to the host PC, thereby protecting against cold-boot and malware attacks.
The IronKey protects against brute-force password guessing attacks by using non-volatile access-failure counters stored on the Cryptochip itself. If a thief tries to break into an IronKey and enters 10 incorrect passwords, the Cryptochip securely erases all encrypted data with patent-pending Flash Trash technology. This ensures no data can be recovered from the device.
