Price: $55.99
(as of Nov 12, 2024 04:48:08 UTC - Details)

Product Description

DO YOU KEEP FORGETTING PASSWORDS?

This isn’t uncommon. With so many websites and so many log ins, remembering all your passwords can be impossible. What one website requires may be different from another, and sometimes, these sites even ask for multiple passwords that are just difficult to recall. Your solution is keeping a note or a software based password manager. But are these safe and secure? Not at all. They can also be deleted or worse stolen by a hacker, so what is there to do now?

With OnlyKey by CryptoTrust, convenience and security are covered!

ONE PIN FOR ALL

OnlyKey is the world’s first plug-and-play encryption device that stores all of your accounts securely offline. Unlike smartcards that are susceptible to a keylogger stealing the user’s PIN. This PIN is securely entered on the device itself. OnlyKey has multi-color alerts that turn green if you’ve entered the correct PIN, red if you’ve entered the wrong one, blue for FIDO2 / U2F authentication, and purple for SSH/GPG.

SECURES INFORMATION

Because your device is PIN protected, you can be sure that your personal data is safely stored. Using OnlyKey as FIDO2 security key means that even if hacking occurs or a website is breached, your personal information will not be leaked. This is because OnlyKey stores your credentials and passwords in secure hardware offline.

PROTECTS WITHOUT COMPROMISE

OnlyKey supports any website or application with a secure (up to 56 character long) password. It also supports 2-factor authentication. This simply means that you can use this device to log into your computer, your online account, or pretty much anything. No need to remember your passwords, our device will type it in for you. As a result, you get to protect both your credentials and the things you want to access. You get an additional layer of protection and can prevent security breaches.

AN ALL-IN-ONE SOLUTION TO YOUR PASSWORD DILEMMA

FUNCTIONAL

Able to perform multiple functions, this smart password manager also receives regular updates as well as new features. Practical and versatile, it can also be used for SSH and to secure OpenPGP messages and files. OnlyKey GPG Agent provides a way to securely use OnlyKey for OpenPGP on a local computer. With OnlyKey WebCrypt use OpenPGP anywhere, supports Firefox, Chrome, Brave, Safari, Edge, and mobile browsers! It is easy to use and store, and it’s one device you need in this day and age.

EASY ATTACHMENT & USE

Not only can our password manager securely log you in wherever you are, it can also easily attach to your keychain using the provided keychain quick-connect adapter. Compact and portable, all you need to keep your passwords secure is this single device. Just one PIN to remember, and all your information is kept safe and protected. Now, you can leave home with just this device and go about with your daily routine.

YOUR DAILY COMPANION

Because it keeps all your information protected, you know that this is one device that should not be misplaced. That is why OnlyKey supports secure backup so that restoring all of your accounts is easy if you do misplace it. You can even have two OnlyKeys so that there is always a backup ready. OnlyKey is the missing piece to your personal security puzzle, and it is time you start protecting your information. Plus, it’s waterproof, durable, and about the size of a house key, so it’s super convenient!

Add to Cart

Add to Cart

Customer Reviews

4.1 out of 5 stars

561

3.1 out of 5 stars

33

4.6 out of 5 stars

16,992

Price

$55.99$55.99 $55.99$55.99
—

Profiles
2 4 1

Touch Buttons
6 3 1

Password Storage
24 24 up to 2

Secure Backup
Yes Yes Not Supported

Interface
USB-A BOTH USB-A and USB-C USB-A

Size
20mm x 52mm x 6.5mm 15mm x 26mm x 7mm 18mm x 45mm x 3.3mm

Open Source Firmware
Yes Yes No

Self-destruct / Wipe feature
Yes Yes No

Automatic Lock | International Keyboard Profiles | Multi-color LED
Yes Yes No

On Device PIN
Required Supported Not Supported

✅ PROTECT ONLINE ACCOUNTS – A password manager, two-factor security key, and secure communication token in one, OnlyKey can keep your accounts safe even if your computer or a website is compromised. OnlyKey is open source, verified, and trustworthy.
✅ UNIVERSALLY SUPPORTED – Works with all websites including Twitter, Facebook, GitHub, and Google. Onlykey supports multiple methods of two-factor authentication including FIDO2 / U2F, Yubico OTP, TOTP, Challenge-response.
✅ PORTABLE PROTECTION – Extremely durable, waterproof, and tamper resistant design allows you to take your OnlyKey with you everywhere.
✅ PIN PROTECTED – The PIN used to unlock OnlyKey is entered directly on it. This means that if this device is stolen, data remains secure, after 10 failed attempts to unlock all data is securely erased.
✅ EASY LOG IN –No need to remember multiple passwords because by plugging OnlyKey to your computer, it automatically inputs your username and password. It works with Windows, Mac OS, Linux, or Chromebook, just press a button to login securely!
Reviewer: Amazon Customer
Rating: 5.0 out of 5 stars
Title: How I use my Onlykey.
Review: I see some long reviews here, so I'll try to not retread and pass on what I've learned about this thing. Everyone has different desires so maybe this won't work how you think, or maybe it will.I wanted to secure my logons across the web, going with unique LONG passwords on every account I valued. Also I wanted to use U2F on every site that supports it. This device does both of those.Upon starting the Chrome App, you are asked to set your pins. It took me about 5 or 6 tries to get through this step. The buttons are strange and take getting used too. For one thing, they register a "press" when you "release" the button. It also blinks the light with each successful press. No light = no press. Using the silicon sleeve MASSIVELY helps me press the buttons.Next you get to the SLOTS Tab in the app where you are presented with boxes for entering your U2F info which takes up fully HALF the page! So obviously you have this fill this out right? Nope. You CAN fill this out, but it all comes pre-configured. No need to mess with that unless you desire.When you choose a slot to configure, you get a page full of options. While you can fill all this out, I've found that; for me, it's best if I just enter the password. Just because you can configure it to auto-type the URL, login ID and password, doesn't mean it's all that great of an experience when you do. It types slow, probably won't work between different browsers, and so forth. I've found my PC asking simply for a password on occasion and with my impossibly long password, I can't type it in. Neither can I use the Onlykey if it has the URL and logon configured. So for my use of unique, really long impossible passwords, it's best to only configure each button for a password and leave it at that. But that's perfect. Bookmarks and URL links are everywhere. No need to configure them here.Some other things not explained well.If you want to use it for U2F.....First thing to do is pick a slot to dedicate to U2F. I picked slot 6. Go down to the bottom, use the U2F option and save it. Now button 6 is your U2F key. The Onlykey flashes blue when it is being asked for the U2F key. When it flashes press the 6 button. According to the manual you can also configure the same key for passwords and URL's. This either confused me or the device, and it didn't work, or I didn't understand how to make it work for me. I'm happy just using a slot for U2F.Next, you can't "edit" your slots. You "Update" them. Meaning you can't see what's in a slot, so just check the box for the entry you want to update, put in the data, and hit save. Once I figured out how to update and I stopped re-entering ALL my data each time I wanted to change a slot, I started liking this device much more.If you hit "WIPE", it does not wipe that slot, it wipes the entire device. *sigh*. This button should be on the home page, not on the slot page.I got an OTP adapter and used this on my Droid Maxx2 and Samsung Tab S2 to log into the browsers (another reason I have to skip the URL/ID's).So my use is as a tiny hardware password-typing keyboard. It works well, and I feel a lot more secure using impossible passwords for everything.Finally, I use a 3 " USB extension cable which gives me flexibility to type in the pin numbers more easily.To summarize:Put on the silicone cover.Use the 3" USB extension cable.Dedicate a button/slot to U2F.Skip the URL's, just use passwords.Wipe Button wipes the device not the slot.

Reviewer: zentype
Rating: 5.0 out of 5 stars
Title: This device is awesome. As long as you use some common sense and take the time to learn it.
Review: This device is like a car... or even a gun. It is either something extremely useful, or it could be dangerous if you don't use common sense in how you use the features it offers:-U2F is great for sites that support it and is zero risk. You assign a button to this and just press it when you need it. If you happen to press it accidentally, nothing happens.-Google Authenticator (or other TOTP authenticator). This works well and zero risk. I have it there as a backup but considering I also have U2F set up, it kind of isn't needed. If you press it accidentally, it just gives you a code that is time based and useless to people who see it.-Storing entire websites, logins and passwords to each key. This is a great feature but I personally don't use it (I have a dedicated password manager for that) IF you do decide to use it, just remember that once you unlock your device, and you press the assigned button, it WILL type everything you have stored to that slot. The idea is if you press the button, it takes you to a url and automatically logs you in. SO keep this in mind if you have your device unlocked that you can accidentally trigger it. Use some common sense, and don't have it plugged in and unlocked while you are doing a presentation or have eyes on your screen other than your own. If you do use this, I recommend only storing part of the password. (see below)-Storing partial passwords to larger master passwords. I use this a lot. And if you get this device, I highly recommend it. You assign a button to type in some of your complex password (preferably the complex portion) than you type in the simpler part of the password that's easily memorized. That way even if you accidentally press a button, it'll just spew strings of complex characters that won't make sense to anyone. Relatively harmless and useless to people who don't know the rest of the password.I've seen about 3 people mention that they're having issues using the keypad. I'll say I have never once mis-typed my PIN on the keys. They're touch sensitive and very responsive. I do use the silicon sleeve that helps keep the touches isolated to the keys so that might be why. Or they might just have faulty keys. All I know is from my experience, if they're working as they should, they're easy to use to enter your PIN.All in all this is a great device. And I'm planning to order another one as a backup. The other keys out there are good as well. But I picked this one because of a few key reasons: a security PIN to unlock (a must for a security related device IMO), an auto-self destruct -- So if someone tries hacking my PIN, it explodes with the force of a small kiloton bomb (kidding but it does wipe out all data) and a few others that I want to keep relatively unknown unless someone reads the instructions ;)Just watch where you point that thing and keep the safety on.

Reviewer: Jace C.
Rating: 5.0 out of 5 stars
Title: The most useful physical private key, due to password manager
Review: YES, BUY THIS KEY, IT IS GREAT, HIGH SECURITY AND NEVER WORRY ABOUT COMPLEX PASSWORDS AGAIN. THE POSITIVES OUT WAY THE NEGATIVES.NEGATIVESLearning curve for people that are good with tech. Definitely should offer a case cover to put entire key inside. I bought a case from another company for key chain.FIDO2 only works for Google, Facebook and other big tech. However, having key to heavily protect only these sites until/unless physical key becomes more standard, for ex. Banks. It's still worth only protecting big tech sites because your life is on them. Making protecting only two or three big tech sites actually very valuable.Plus, that is not only keys fault. Or the fault of any physical private key company. All websites should offer physical private key option. What are Banks waiting for? Big tech offers it because they know it is the most secure option.It's most secure because it's not stored on your computer and you must physically touch key with pin in the only key to use.POSITIVESPassword manager works for everything. That is where learning curve is.THE PDF THEY OFFER IS REALLY GREAT, THEY CLEARLY CARE ABOUT THE PRODUCT AND THE CUSTOMERS UNDERSTANDING OF WHAT ALL OF THIS SECURITY STUFF IS.Is this key worth having. I recommend everyone get one. It's hard to get hacked or have identity stolen if you are using this key. DO NOT SET A BACK UP WAY TO GET INTO GOOGLE OR FACEBOOK. THAT WOULD MAKE HACKING YOUR FB GOOGLE EASY. IF PHYSICAL PRIVATE ONLY KEY IS THE ONLY WAY IN THEN HACKERS ARE NOT GETTING IN. BUY TWO OR THREE OF THESE. MIRROR THE KEYS INFO AND PUT ONE KEY IN SAFE. I highly recommend this physical key. The learning curve is worth the trouble.

Reviewer: langjahr1978
Rating: 5.0 out of 5 stars
Title:
Review: Sehr gute produkt,ich kann ihnen empfehlen

Reviewer: Denis Beurive
Rating: 5.0 out of 5 stars
Title:
Review: Après 3 ans d'utilisation, je reviens sur mon appréciation pour dire que sur ce produit est, selon moi, l'un des meilleurs (sinon le meilleur) de sa catégorie.Point 1L'accès à la clé est protégé par un code que vous entrez via un clavier physique directement sur la clé. La présence d'un clavier physique directement sur la clé est un avantage énorme comparé aux produits concurrents qui n'en possède pas! L'entrée d'un code PIN via une application (logiciel) est intrinsèquement non sécurisée :Si la sécurité de l'ordinateur que vous utilisez pour entrer le code PIN est compromise, alors le code PIN peut être intercepté. Le cas échéant, si on vous vole votre clé, rien n'empêche le voleur de l'utiliser pour vous nuire.Avec OnlyKey, il est impossible d'intercepter le code PIN (car ce dernier ne "transite pas par l'ordinateur"), même si la sécurité de l'ordinateur que vous utilisez est compromise ! Si on vous vole votre clé, le voleur ne pourra pas l'utiliser pour vous nuire !Pourquoi les produits concurrents ne sont-ils pas équipés de claviers physiques pour entrer le code PIN ? Pour faire des économies... probablement.Point 2Contrairement à de nombreux produits concurrents (pour ne pas dire la majorité), OnlyKey permet de sauvegarder la configuration de la clé et de restaurer la sauvegarde sur une autre OnlyKey.Cela vous permet d'avoir une (ou plusieurs) OnlyKey "de remplacement" si vous en perdez une, par exemple.C'est absolument indispensable !Remarque : De plus la technique implémentée pour produire la sauvegarde est très pratique (je passe sur ce détail technique cependant).Point 3OnlyKey permet de signer et de chiffrer des documents ou des messages via l'application disponible.Le seul petit défaut est qu'il s'adresse à un public plutôt "averti" (capable d'apprécier la qualité du produit, mais qui possède un certain bagage technique).Je suis ingénieur en développement et en cybersécurité depuis 26 ans. Et, pour moi, OnlyKey est la plus avancée des clés disponibles aujourd'hui. Je recommande ce produit à tous les ingénieurs en informatique, et à tous les amateurs "avertis".À noter : le logiciel est libre, ce qui est un très gros point positif. De plus, les concepteurs répondent aux questions (sur le forum technique).

Reviewer: acee
Rating: 5.0 out of 5 stars
Title:
Review: Sophisticated multifunction PIN protected security key and OTP generator. Also stores logins and passwords.The Onlykey is used to enhance security in IT applications. The key is supplied together with a silicone rubber covering (despite what some reviewers say) and a keyring attachment in a bubble packet. There are no instructions but detail of a website is provided that has extensive information about setup and use. I have little prior experience with this sort of equipment but found setting up the key very straightforward.There are many security keys available but their functions vary. The OnlyKey is the only one I have found that is protected by a PIN code which is entered on the device itself. Once the Onlykey has been unlocked it can be programmed to remain open until removed from the USB port or to automatically lock at any time between 1 and 255 minutes. I prefer not to have to keep re-entering the PIN so have mine set to a long time. When I leave my PC in sleep mode it still provides power to the USB ports but the OnlyKey can be locked by pressing number 3 for 5 seconds.OnlyKey can act as a simple security key; it can provide One Time Passwords at the touch of a button (like Google Authenticator codes), it can encrypt files and it can save password and logon information. It can also be used with W10 Hello but needs an additional PIN to be entered which to me is not ‘passwordless’. For this reason, I unlock windows by using the OnlyKey to input the Windows PIN, which it will do at the touch of a button. The OnlyKey allows storage of logon data and OTP’s in up to 24 slots. This is achieved allocating a slot to each of its six keys with a short press and another slot following a long key press. Following logging into the OnlyKey again with a different PIN code allows a further 12 slots to become available.The OnlyKey outputs data to the PC by acting like a virtual keyboard. This means its performance can be monitored by opening a text window on the PC and touching a button which results in the content of the slot being printed in the text window. Interestingly my PC is set up to come out of sleep when I press a key on my keyboard but activating the OnlyKey does not wake it up.The key’s software is a little clunky but it is very flexible. Features of the design could be improved. The key does not have a flat under-surface which means it rocks if buttons are pressed when it sits on a table top. The location of the LED is poor. The multicoloured LED feeds back invaluable information to the user about the state of the OnlyKey, such as whether it is locked or not, but cannot be seen when operated on a desktop. The key needs to be redesigned so the light is visible while the keys are being touched. I use the OnlyKey plugged into a USB extension cable and have it strapped to a piece of clear plastic that allows the LED light to escape and so be visible. The key is also supported so it does not rock.The OnlyKey is an invaluable and sophisticated security key. It is easy to use and has multiple functions. It comes into its own when paired with a password manger like BitWarden.

Reviewer: Fidel
Rating: 5.0 out of 5 stars
Title:
Review: Llevo varios meses utilizando mi OnlyKey a diario: con KeepassXC para gestión de claves y para conexiones SSH. Al principio tenía algunos bugs pero tras algunas actualizaciones ahora todo funciona perfectamente. La he usado alguna vez conectada a mi teléfono móvil por USB OTG, pero es algo muy esporádico y es un fastidio tener que andar con un adaptador de USB-A a USB-C.Aprecio mucho que el software para usar la llave sea libre, por un lado me ha permitido arreglar personalmente algunos bugs que me he encontrado y por otro siguen llegando nuevas funcionalidades (como soporte para firmado con claves PGP/GPG). Hay mucha flexibilidad para usar la llave en muchos escenarios diferentes.Un detalle importante sobre esta llave es que las claves privadas no están protegidas contra ataques contra el hardware interno, porque está basada en Arduino y no dispone de un elemento seguro. Esto significa que si alguien se apropia de la llave y dispone de suficientes recursos (miles de euros en equipamiento especializado) probablemente podría extraer los datos. Si este es un vector de ataque del que necesites defenderte entonces mejor busca productos con un elemento seguro que se haya probado resistente contra ataques (aunque en estos casos tienes que confiar en los fabricantes, que no tengan puertas traseras por ejemplo).Dicho esto la OnlyKey es la llave de seguridad más flexible del mercado hoy por hoy. Si tu principal preocupación es proteger tus claves privadas frente a un ataque de malware en el ordenador o un ataque hardware tipo BadUSB entonces OnlyKey es una buena opción.

Reviewer: Stefano Comelli
Rating: 5.0 out of 5 stars
Title:
Review: La prima cosa da dire, per evitare malintesi, è che si tratta di un dispositivo che non è assolutamente plug & play.Per utilizzarlo appieno e quindi apprezzarne l'effettiva utilità è necessario avere buone conoscenze e manualità informatiche. In parole povere: è un dispositivo adatto ad un professionista o per uno smanettone, decisamente più difficoltoso altrimenti.La configurazione, specie le prime volte, è un po' macchinosa. In particolare, visto che i valori si possono scrivere ma non leggere, è consigliabile farsene una brutta copia su un file di testo per evitare di dover reinserire tutto daccapo a mano se si deve cambiare solo una virgola.Unico neo per esperti: è un peccato che il supporto PGP si limiti ad una WebApp e si appoggi troppo ed esclusivamente su Keybase.