How It Works
OnlyKey was created in 2016 to solve a problem that no other device solves. As a security consultant and ethical hacker I would often be asked the question "how do we securely manage passwords?" Before OnlyKey the best option was a software password manager. They are convenient, but software password managers can also be a huge security risk.
If your passwords are all stored on your internet connected computer or in the cloud then what happens if your computer gets malware or if the cloud is hacked? As an ethical hacker I regularly conduct tests for clients to identify security flaws and when I hear they use a software password manager I know that all I have to do is compromise one computer and then I will be able to access every account the user has. These accounts then provide access to additional resources and many times eventually lead to compromise of the entire enterprise.
How is OnlyKey different
Physical User Presence
OnlyKey was developed by a team of security experts and white hat hackers to stop malicious hackers. One thing hackers and malware on a computer cannot do is physically touch something.
- In order to use OnlyKey to log in, physical touch is required.
- In order to read a secure message, physical touch is required.
When our team first started building OnlyKey, security and openness were top priorities. Our design is open source and reviewed by the community to verify that there are no backdoors. This just isn't possible with other closed source products.
When you first receive your OnlyKey the first step to set it up is to set a PIN. The PIN is entered directly on the OnlyKey PIN pad to activate OnlyKey. This provides the following advantages:
- Physical Security - If you lose your OnlyKey it is unusable without knowing the PIN.
- Protected on Untrusted Computer - The PIN is entered on OnlyKey instead of on a computer. Entering a PIN on a compromised computer would result in compromise of the PIN.
- Only One PIN to Remember - Protect all of your accounts with only one PIN to remember.
See it in action
Touch to Login
After OnlyKey is unlocked touch a button to automatically:
- Type and browse to the login page
- Type username
- Type password
- Type two factor OTP or authenticate as security key (FIDO2 / U2F)
Touch for File Encryption and Message Encryption
OnlyKey is OpenPGP compatible and the worlds first plug and play encryption device. It is universally supported (Windows, Mac, Linux, Android) and does not require special software or drivers. With OnlyKey you have offline cold storage of your OpenPGP keys and can still easily encrypt messages and files.
With OnlyKey your keys remain safe in secure hardware and Keybase makes sending secure PGP messages easier than ever.
- More OnlyKey videos available here
- Works with OnlyKey - Find a list of services and applications that work with OnlyKey here
- OnlyKey knowledge base here