AntiSpook

Correct, that is what *I* want. It isn't what she wants. The PC must autoboot into her user account. Frenemies expect to see her usage and certain files; boot it themselves into her account; and she wants to let them. She just wants to offload online passwords a USB keyfob outside their access/control or for that matter, even hers. I will set it up and she can have plausible deniability on how to add or change passwords. That way the frenemies cannot alter her online accounts or set up new ones for her. Maybe Nitro Key would be the right device. Merci!

The threat model is "frenemy" types using her PC while she's logged in. She has to stay with them sometimes and wants them able to use it (they often ask). So a password manager would not work, as it would let the frenemy use any account. The lady involved also wants to be able to tell them, honestly, "I don't know any passwords, my tech set it all up, use the machine without using my online accounts." So basically she wants to let others use her machine but NOT her online accounts. The issue is not 2FA either, really it's just completely offloading the login data to a physical carry device and somehow automating it. Merci!

On Linux, how viable is Rubber Ducky as a password manager keyfob. Suppose I define super-secure passwords for someone who won't herself know them. I have authorization to configure her online accounts. She will ask the Rubber Ducky to input a password of choice by magic key combo(s), or maybe a menu in Python or JavaScript or whatever. The data on the Rubber Ducky must be encrypted in case a third party gains access to it. It would be nice if she can put the Rubber Ducky on her keychain with her house and car keys, then only stick it in the PC when she needs to input a password. Would a USB Armory be better or worse for this use case? Any other guidance? Thank you.