OnlyKey Product Details

Background

OnlyKey was created in 2016 to solve a problem that no other device solves. As a security consultant and ethical hacker I would often be asked the question "how do we securely manage passwords?" Before OnlyKey the best option was a software password manager. They are convenient, but software password managers can also be a huge security risk.

If your passwords are all stored on your internet connected computer or in the cloud then what happens if your computer gets malware or if the cloud is hacked? As an ethical hacker I regularly conduct tests for clients to identify security flaws and when I hear they use a software password manager I know that all I have to do is compromise one computer and then I will be able to access every account the user has. These accounts then provide access to additional resources and many times eventually lead to compromise of the entire enterprise.  

OnlyKey Founder Tim Steiner CISSP-ISSAP, OSCP, CEH

How is OnlyKey different

Physical User Presence

OnlyKey was developed by a team of security experts and white hat hackers to stop malicious hackers. One thing hackers and malware on a computer cannot do is physically touch something. 

  • In order to use OnlyKey to log in, physical touch is required.
  • In order to read a secure message, physical touch is required.

Open Source

When our team first started building OnlyKey, security and openness were top priorities. Our design is open source and reviewed by the community to verify that there are no backdoors. This just isn't possible with other closed source products.

PIN Protected

When you first receive your OnlyKey the first step to set it up is to set a PIN. The PIN is entered directly on the OnlyKey PIN pad to activate OnlyKey. This provides the following advantages: 

  • Physical Security - If you lose your OnlyKey it is unusable without knowing the PIN.
  • Protected on Untrusted Computer - The PIN is entered on OnlyKey instead of on a computer. Entering a PIN on a compromised computer would result in compromise of the PIN. 
  • Only One PIN to Remember - Protect all of your accounts with only one PIN to remember.

See it in action

Touch to Login

After OnlyKey is unlocked touch a button to automatically: 

  • Type and browse to the login page
  • Type username
  • Type password
  • Type two factor OTP or authenticate as security key (FIDO2 / U2F)

OnlyKey Features

Universal Support

Supports Windows, Mac OS, Android, Linux, and Chrome OS. Driverless operation – Recognized by computer as a regular keyboard.

Portable. Durable. Waterproof

On-the-go – Easily attach and detach the OnlyKey to your keychain and bring it everywhere you go.

PIN Protected

Your PIN code must be typed onto the 6 button keypad of the OnlyKey in order to unlock. If you lose OnlyKey no problem, it is PIN protected and can’t be used without the PIN, enter the wrong PIN too many times the data will self destruct

Where Convenience and Security Meet

OnlyKey is dual use. It functions as a password manager and a two-factor token. You can plug OnlyKey into any computer, press a button, and it types out a username and password the same as if you typed it yourself; but with one big difference, you don’t have to remember passwords! OnlyKey does that for you. This allows using very complex and secure passwords that cannot be cracked by any available methods.

Secure by Design

Information can only be written to the OnlyKey or wiped. This protects your data even if the connected computer has been compromised. Unlike smartcards that are vulnerable to keylogger attacks, the PIN used to unlock OnlyKey is entered on the OnlyKey itself.

Key Features

Hardware Password Manager

OnlyKey stores up to 24 unique accounts in offline storage and can be used to secure an unlimited number of accounts if used in conjunction with a software password manager. Learn about password security strategy or see example here.

Universal 2-Factor Token

Supports Google Authenticator (TOTP), Yubikey® compatible OTP, and Universal 2nd Factor (U2F). Chances are that if the website supports two-factor authentication, OnlyKey is compatible.  

SSH Authentication

SSH authentication is easy with passwordless login. Your SSH key remains securely stored in hardware and not available to attackers.

OpenPGP Support

Using OnlyKey and Keybase makes OpenPGP easier than ever.

Self-Destruct Feature

In a pinch and want to wipe your OnlyKey? Enter your self-destruct PIN to wipe EVERYTHING! Plus you can always restore from backup easily.

Plausible Deniability Feature

The first and only hardware solution where only you hold the keys + no proof there even are keys! Travel abroad without having to give up your encryption keys/passwords.

Encrypted Backup Anywhere

OnlyKey types out the encrypted backup so it works anywhere independent of apps. Save the encrypted backup to a file or email it to yourself.

Other Features

Automatic Lock Feature

Want your OnlyKey to automatically lock itself after being inactive for 30 minutes? No problem, this is customizable.

Advanced Hardware Security

Once a PIN has been set on your OnlyKey it locks down the hardware so that even if an attacker gains physical access to your OnlyKey, without the correct PIN it will be useless.

International Keyboard Layouts

OnlyKey is the world's first device to allow changing your keyboard layout on the fly. Supports multiple international keyboard layouts.

User Selectable Type Speed Feature

Want your OnlyKey to type out information faster or slower? No problem, this is customizable.

More Information

For additional information check out the OnlyKey documentation.

Check out OnlyKey setup videos available here