Package

The Drive

The Kingston IronKey Vault Privacy 80 uses a metal case that has a great-looking blue surface with matte finish—definitely ready for the board room. The most prominent feature is certainly the large touch-screen, which is used to configure the device and enter the passcodes.

I've put an M.2 NVMe drive next to it, to give you a better feeling for the physical dimensions of the drive.


On one side you'll find the USB-C port to connect the storage unit to your system. The black part is plastic, but that shouldn't be a problem for durability.


When the unit powers up it performs some kind of self-test for a few seconds, and after that the boot loader takes over. Total boot time is around 15 seconds, so not "long", but definitely not "instantaneous".


After startup the password screen shows up, and you have to provide the password that you selected during initial setup.


Once the correct password has been entered, you get a choice of "Connect" (read/write mode) or you can connect in "read-only" mode. The globe icon lets you change the language and the cogwheel is for settings.


When connected, you get the option to disconnect it through the touch-screen, or of course you could disconnect it from within your OS, too, which is always a good idea, to ensure all caches have been flushed.


Wrong password? You've got a limited number of attempts (note the "14/15" counter).


After several failed attempts you have to power cycle the enclosure, which helps against automated bruteforce attempts, using a robot arm for example.


Too many failed password attempts? All data on the enclosure's storage will be deleted and the enclosure will reset itself to factory settings, so you can reconfigure it, set a new password, etc.


The various settings screens have tons of options, most are self-explanatory. Here's the more interesting ones explained:

• "Password rules" lets you choose whether your passwords must contain at least one number and/or at least one letter.
• "Password length" can be selected from between 6 (default) and 64.
• An interesting one is "randomize key layout", so people can't just look where your finger's smudges are on the touch screen and try to guess the password.
• "Auto-lock time" lets you choose a duration after which the drive will automatically lock itself, requiring a password again. For those cases where you've forgotten to lock the device manually

Great ideas overall, very nice!


You have support for all the major western languages on the IronKey Vault Privacy 80.

Disassembly

Taking the drive's clamshell construction apart is not easy and it's highly likely that you'll scratch or damage it in the process.


Inside you'll find a large PCB with the touchscreen and several microchips.


Oh look, this seems to be a good old 2.5" SATA SSD.


The sticker reveals that this is indeed a completely standard QLC-based Kingston A400 SSD. The controller is the Silicon Motion SM2259XT. The flash chips are Intel's aging 64-layer N18A QLC.


On the PCB the biggest component is the touchscreen, we're more interested in the various ICs though.


A STM32L452VE Arm Cortex-M4 MCU is the heart of the system, it is clocked at 80 MHz and has a USB interface. This seems to be the chip that's doing all the encryption.


In order to translate data between the external USB interface and the SSD's SATA connection, a Fujitsu MB86C311A USB 3.0-SATA Bridge IC is used.


Last but not least, we have the ASM1543, which is a USB-C Mux, so you can actually use the USB-C port.