A method for operating a secure storage device with a non-volatile memory on a computer system which executes multiple operating system instances. The non-volatile memory comprises one or more domains which are used by the operating system instances. A separate trusted key entry system is used to configure secret data of an operating system instance stored in the non-volatile memory. The method comprises setting a domain to either secure or non-secure mode; generating a unique identifier of the operating system instance; generating a secure hash for the operating system instance; and storing the secure hash in the domain.