I’ll start with a disclaimer: I’m a software developer. This device is exactly what I was looking for and provides a lot of control, but it could be overwhelming for less technical users. There are simpler products which still provide very good security.
With that out of the way, this device is amazing. It has the usual hardware key functionality (FIDO2/U2F/WebAuthn) which gives very secure authentication with a single tap. Unfortunately, many websites don’t support these standards and TOTP (Google Authenticator) is more popular. That’s okay, because you can register a slot on this key to type the six digits, much like it can with a password!
It has 6 slots per profile with 4 profiles, so 24 slots in total. Each slot can store a URL, username, password and a 2FA key.
All of that and it’s secured by a PIN which you can put into the device itself, which will protect you from keyloggers. If you’re not worried about that, you can type the PIN into the app too.
For the nerds, this key has its own support for SSH and GPG keys. I prefer to use the U2F functionality in the newer version of SSH, but both work well.
A few things you should know:
– TOTP only works if you’re running the app (also available as a web app) because the key needs to know the time. Not a big deal, just something to be aware of.
– The minimum PIN length is 7 digits. This is probably reasonable on the original OnlyKey, but it’s fiddly on this one. If your dexterity isn’t great, you’ll have a bad time. You can put it in on the app instead, but the original OnlyKey and an OTG adapter might be better suited to you.
– There’s no mobile app. You can use the web app, but this only provides the time to the device (for TOTP) and message/file encryption.
Even with those caveats, I’m really happy. I don’t think there’s another hardware key which ticks the same boxes as this one.