Frequently Asked Questions
OnlyKey is protected with a clear potting compound that provides:
1) Durability - OnlyKey is crush and impact resistant, it stands up to abuse. You can carry it on your keychain, in your pocket, etc.
2) Waterproof - Accidentally leave your OnlyKey in your pocket and it goes through the washing machine? No problem.
3) Transparency - It is possible to visually verify that the hardware has not been tampered with and that no hardware backdoor has been installed.
OnlyKey Cases Now Available!
To provide even more durability and style OnlyKey silicon cases are now available.

Buy now for $8.99, free shipping anywhere in US

This case fits both the OnlyKey Original and the OnlyKey Color.

First it is important to understand how accounts are hacked, as there are several ways, and OnlyKey has features that address each type.

1) The site you use is breached (i.e. Yahoo, LinkedIn, Target, Anthem, Sony etc.)
If the site you use is breached the attacker may be able to get your password in a couple of ways.
a) They get a dump of all passwords in clear text.
b) They get a hashed dump of all passwords.

If a), then it does not matter how long or complex your password is: they already have it.
If b), then the attacker has to crack the hashes, and only the weak passwords will be recovered.

OnlyKey addresses b) by allowing users to set strong 32-character passwords that cannot realistically be cracked by an attacker. They are actually usable because you don't have to remember them: they are stored on your OnlyKey and typed out for you.

OnlyKey addresses a) by making two-factor authentication usable for users and compatible with the largest number of sites. If two-factor authentication is used then even if an attacker has your password they still can't access your account and you are protected.

2) The computer you use is hacked (you click on a malicious website or download malware accidentally)
If the computer you use is hacked and you use a software password manager like LastPass, Dashlane, or even KeePass, the attacker is in your computer and can see everything that you can see, including your passwords. This is scary considering that, instead of just one account being compromised, a hacker now has access to everything in one fell swoop. In fact, if this happens you would have been better off not using a password manager in the first place, as a hacker would have a harder time finding out what accounts you had.

If the computer you use is compromised the attacker may be able to get your passwords in a couple of ways.

a) They log all of your keyboard input (Keylogger) or clipboard if using a software password manager
b) They wait until you unlock your software password manager like Lastpass and download the entire database of passwords for all of your accounts.

OnlyKey addresses b) by storing everything offline. OnlyKey is secure by design in that you can only ever write or wipe the passwords stored on it. If an attacker gains access to your computer there are no passwords stored there to steal. Even if your OnlyKey is plugged in and unlocked there is no way to download or copy information from the OnlyKey.

OnlyKey addresses a) by making two-factor authentication usable for users and compatible with the largest number of sites. If two-factor authentication is used, then even if an attacker captures your password they still can't access your account without also obtaining your one-time password. Yubikey OTP one-time passwords are valid only once, and Google Authenticator OTPs are valid only once and only for a short period of time, usually 30 seconds.
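The "valid only once" and "valid for about 30 seconds" properties above are enforced on the server side, not by the token. The following is an added example (not OnlyKey's or Google's code) of a relying-party TOTP verifier, written in Go, that generates RFC 6238 codes and rejects both expired codes and replays of a code that has already been used. The secret is the RFC 4226/6238 test vector, not a real credential; the one-step clock skew allowance is this example's own choice.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/binary"
	"fmt"
)

const (
	TOTPStep   = 30 // seconds per code, as the FAQ states for Google Authenticator
	TOTPDigits = 6
	TOTPSkew   = 1 // accept one step either side to tolerate clock drift (assumption)
)

// HOTP implements RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter,
// dynamic truncation, then the low `digits` decimal digits.
func HOTP(secret []byte, counter uint64, digits int) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	offset := sum[len(sum)-1] & 0x0f
	code := binary.BigEndian.Uint32(sum[offset:offset+4]) & 0x7fffffff
	mod := uint32(1)
	for i := 0; i < digits; i++ {
		mod *= 10
	}
	return fmt.Sprintf("%0*d", digits, code%mod)
}

// TOTP implements RFC 6238: HOTP with counter = unixTime / step.
func TOTP(secret []byte, unixTime int64) string {
	return HOTP(secret, uint64(unixTime/TOTPStep), TOTPDigits)
}

// Verifier is the relying party's side. It accepts a code only for the
// current window (plus skew) and records which counter values were consumed,
// so a code captured by a keylogger is useless even inside its 30-second window.
type Verifier struct {
	secret []byte
	used   map[uint64]bool // consumed counters; a real server would also expire old entries
}

func NewVerifier(secret []byte) *Verifier {
	return &Verifier{secret: secret, used: map[uint64]bool{}}
}

// Verify returns true at most once per counter value.
func (v *Verifier) Verify(code string, unixTime int64) bool {
	now := unixTime / TOTPStep
	for delta := int64(-TOTPSkew); delta <= TOTPSkew; delta++ {
		if now+delta < 0 {
			continue
		}
		c := uint64(now + delta)
		if v.used[c] {
			continue // already consumed: replay rejected
		}
		if hmac.Equal([]byte(HOTP(v.secret, c, TOTPDigits)), []byte(code)) {
			v.used[c] = true
			return true
		}
	}
	return false
}

func main() {
	// Constructed sample: the RFC 4226/6238 test secret, not a real credential.
	secret := []byte("12345678901234567890")
	v := NewVerifier(secret)
	code := TOTP(secret, 59)
	fmt.Println(code, "first use:", v.Verify(code, 59), "replay:", v.Verify(code, 70))
}
```

The replay set is what makes a captured code worthless: the keylogger scenario in 2a) yields a password plus a code that the server has already marked as consumed, and after the window passes the code no longer matches any candidate counter.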

3) Your cloud based password manager was compromised.
In this scenario you have chosen the convenience of having passwords accessible anywhere you go, with the security trade-off that they are stored online in the cloud. The provider assures you that the accounts will never be hacked, but they missed something and now an attacker has access to every account you own. With OnlyKey you can store your most important accounts offline so that they are never susceptible to this type of attack.
The data stored on OnlyKey is encrypted with military grade encryption (AES-256-GCM) and most importantly is PIN protected.

What this means is that if you lose your OnlyKey it is essentially a brick without the PIN, nothing can be read from or written to it.

If an attacker tries to guess the PIN it will wipe all data after 10 failed attempts.

What about getting my accounts back? This is where the secure encrypted backup anywhere comes in. You can create encrypted backups anywhere by just holding the #1 button down on the OnlyKey. This means that only a physical person can initiate a backup (not malware) and it essentially types out the encrypted file so you can save it anywhere in a text file, email, etc.

To restore your data if you lose your OnlyKey, you can restore this backup to a new OnlyKey. If you like to plan ahead, get a secondary OnlyKey and restore your backup to it so it is ready in case your primary is lost.
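The PIN protection and the wipe-after-10-failures behaviour described above can be modelled in a few dozen lines. The following is an added example in Go (not OnlyKey firmware) of a credential store sealed with AES-256-GCM under a PIN-derived key, where a wrong PIN is detected by the GCM authentication tag failing and the tenth consecutive failure overwrites the stored material. The key derivation (iterated SHA-256 over salt and PIN) and the 16-byte salt are this model's assumptions; the FAQ does not describe OnlyKey's real derivation.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// MaxPinAttempts is the wipe threshold the FAQ states.
const MaxPinAttempts = 10

var (
	ErrBadPin = errors.New("wrong PIN")
	ErrWiped  = errors.New("device wiped: nothing can be read or written")
)

// Device models the state behind the FAQ's claims: a per-device salt, the
// AES-256-GCM sealed credential store, and a consecutive-failure counter.
type Device struct {
	salt, nonce, sealed []byte
	failed              int
	wiped               bool
}

// aeadForPin derives a 32-byte key (AES-256) from PIN and salt and returns the
// GCM instance. ASSUMPTION: iterated SHA-256 stands in for OnlyKey's real key
// derivation, which the FAQ does not describe.
func aeadForPin(pin string, salt []byte) (cipher.AEAD, error) {
	h := sha256.Sum256(append(append([]byte{}, salt...), pin...))
	for i := 0; i < 10000; i++ {
		h = sha256.Sum256(h[:])
	}
	block, err := aes.NewCipher(h[:])
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// NewDevice provisions a device: fresh random salt and nonce, and the secrets
// sealed (encrypted and authenticated) under the PIN-derived key.
func NewDevice(pin string, secrets []byte) (*Device, error) {
	rnd := make([]byte, 28) // 16-byte salt followed by the 12-byte GCM nonce
	if _, err := rand.Read(rnd); err != nil {
		return nil, err
	}
	salt, nonce := rnd[:16], rnd[16:]
	aead, err := aeadForPin(pin, salt)
	if err != nil {
		return nil, err
	}
	return &Device{salt: salt, nonce: nonce, sealed: aead.Seal(nil, nonce, secrets, nil)}, nil
}

// Unlock checks a PIN. A wrong PIN surfaces as a failed GCM tag check; the
// tenth consecutive failure (this model's reading of "10 failed attempts")
// overwrites salt and ciphertext, leaving the "brick" the FAQ describes.
func (d *Device) Unlock(pin string) ([]byte, error) {
	if d.wiped {
		return nil, ErrWiped
	}
	aead, err := aeadForPin(pin, d.salt)
	if err != nil {
		return nil, err
	}
	secrets, err := aead.Open(nil, d.nonce, d.sealed, nil)
	if err != nil {
		d.failed++
		if d.failed >= MaxPinAttempts {
			d.wipe()
			return nil, ErrWiped
		}
		return nil, ErrBadPin
	}
	d.failed = 0
	return secrets, nil
}

// wipe overwrites the key material and ciphertext before dropping them.
func (d *Device) wipe() {
	for _, b := range [][]byte{d.salt, d.nonce, d.sealed} {
		for i := range b {
			b[i] = 0
		}
	}
	d.salt, d.nonce, d.sealed = nil, nil, nil
	d.wiped = true
}

func main() {
	// Constructed sample credential, not a real account.
	d, _ := NewDevice("123456", []byte("example.com alice s3cret"))
	_, err := d.Unlock("000000")
	fmt.Println("wrong PIN:", err)
	pt, _ := d.Unlock("123456")
	fmt.Println("right PIN:", string(pt))
}
```

Because GCM authenticates the ciphertext, there is no separate stored PIN to compare against: a wrong PIN simply yields a key that fails the tag check, and once the salt and ciphertext are zeroed even the correct PIN can no longer recover anything, which is why an out-of-band encrypted backup is the only recovery path.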

Read more about the physical hardware security and the encrypted backup feature in the user's guide available here.
Smart cards are commonly used to provide two-factor authentication and decryption/signing for things like email. Unfortunately, if the computer that a smart card is plugged into is compromised by an attacker, the security of the smart card is compromised too. All the attacker has to do is capture the keyboard input (keylogging) to obtain the user's smart card PIN. With this PIN they can authenticate to anything the user has access to and decrypt/sign emails as if the user had done so. This is a serious threat and one of the reasons the OnlyKey project was started. With OnlyKey your PIN is entered on the 6-digit keypad located on the device itself, which never sends the PIN to the connected computer. In this way the PIN entry is offline and inaccessible to an attacker who has compromised the connected computer.

In addition to PIN security, OnlyKey has functionality that smart cards do not, such as password management and SSH login, and it is universally supported without the need for drivers to be installed. The OnlyKey is detected by the computer as a keyboard, so no middleware or special drivers are required. OnlyKey can literally be plugged in and used on a computer you have never used before, and it works without installing anything.
There are a variety of hardware and software tokens out there. Some support U2F, others support Yubikey OTP, and yet others support Google Authenticator (TOTP). Unfortunately for users, not all websites support all of these. There is no standardization of two-factor support among websites, so in order to log in using a token you often need multiple tokens and apps. OnlyKey set out to address this issue and make two-factor authentication usable by supporting the methods most commonly used by websites. Additionally, by combining this with password management we can provide users with a secure login at the touch of a button. A one-touch login is the kind of user experience we think users want, and that is what OnlyKey is all about.
The International Travel Edition firmware is essentially a stripped-down version of the Standard Edition firmware. The crypto libraries have been removed, so it is a fully functional password manager that does not use encryption and may be usable in countries where encryption is illegal.
There are two big reasons to have the two separate versions of firmware.

1) The International Travel Edition is not subject to any export restrictions that would apply to export of crypto outside of the US since it performs no encryption.

2) By actually having a version in use that does not utilize encryption, the plausible deniability feature is actually plausible. If, for example, all devices shipped with encryption and a plausible deniability mode, it would not be plausible that a device does not perform encryption, because anyone able to search online would see that this feature is available on all devices. By having this as a feature on some devices while other devices legitimately have no encryption capability, it is plausible that your device does not utilize encryption.
Depending on what your wipe mode is set to, it either wipes all sensitive data (overwrites where your usernames, passwords, keys etc. are stored) or, if you are using full wipe mode, does a complete erase of the OnlyKey including sensitive data and all firmware (this requires reloading the firmware).
Whenever you wish to wipe all sensitive data from the OnlyKey and restore it to a factory default state.
This activates a second profile that is designed to be indistinguishable from the OnlyKey (International Travel Edition) firmware while actually running the OnlyKey (Standard Edition) firmware. The objective of this feature is to allow travel overseas to areas where devices using encryption might not be allowed or where it is mandatory to give up passwords/keys. The user can load the International Travel Edition firmware on their OnlyKey along with some accounts they don't really care about before crossing a border and then if they are asked if they have anything that is encrypted they can say no and be completely telling the truth. Once inside the country they could load the Standard Firmware and set up their plausible deniability profile so that if they are ever detained or forced to give up their PIN they can comply by giving the plausible deniability PIN which would just unlock the accounts they don't really care about and would again appear to just be an unencrypted password manager. The user would have a plausible story that they are giving up everything they have while keeping the accounts they care about and encryption keys protected. For more information on encryption and international travel see https://www.princeton.edu/itsecurity/encryption/encryption-and-internatio/
Whenever you wish for your OnlyKey to appear to be a simple password manager that does not utilize encryption. For more information read https://crp.to/2017/04/plausible-deniability-onlykey/
Plausible deniability is only useful if you are in a country where your worst-case scenario is being fined for using encryption. If someone is holding a gun to your head or there is a risk of torture, plausible deniability is pretty much useless. For more information on why, see https://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis.

If you think an adversary has the resources to decap a chip and inspect the contents with an electron microscope or an equivalent method, and is willing to spend those resources to obtain your passwords, then this implementation of plausible deniability would be defeated, as there is no tamper-respondent enclosure surrounding the device. Keep in mind that this is not a limitation specific to OnlyKey: this type of sophisticated attack, if successful, may be used to compromise the data of all commercial security devices, including tokens and smart cards, even the ones that claim to be "tamper proof". There is no such thing when it comes to physical security.
We did consider this option, but it introduces one big security weakness. If the registered holder of the signing certificate is forced to give up the private key (by court order or other means), then whoever gains access to the private key could modify the firmware and release it to unsuspecting users. Also, there is no good way to have firmware be both open source and require a specific code-signing certificate. The integrity of firmware can still be validated without a signature by comparing its checksum against the published one.
We have designed OnlyKey to be as transparent as possible (literally: it is covered in a clear potting compound). You can load our firmware, review the source, or write your own firmware. Here are some of the features that allow you to validate that there is no backdoor and that no tampering has occurred.

1) Hardware - Because the electronics have a clear coat, you can actually see the hardware and would be able to spot a hardware-type backdoor.

2) Software - The way that OnlyKey loads firmware is unique. When you bridge the two touch points to load firmware, what actually happens is: first, the small chip on the board sends a message to the large chip that wipes all data from the large chip; next, the firmware is loaded onto the small chip via USB; and finally it is written onto the blank large chip. So even if someone succeeded in loading malicious software onto your OnlyKey, reloading the firmware would completely remove it.

3) Decentralized - Secret keys are generated by you and accessible only to you. Unlike our competitors, we believe in a decentralized model where you have the freedom to control and verify everything on the OnlyKey.

Why is decentralized important?

Take a real-world example like Lavabit. In May 2014 the owner of the service, Ladar Levison, abruptly shut down his secure email service after, it is speculated, he received a National Security Letter from the NSA. This service was centralized, so Ladar had the ability to see his customers' information. Ultimately, he decided to shut down his service rather than give up his customers: "I was forced to make a difficult decision: violate the rights of the American people and my global customers or shut down. I chose Freedom."

What is unknown is how many other companies with centralized technology chose not to shut down and gave up their customers instead. All centralized security solutions have one thing in common, a single point of failure, and so they should never be trusted.

So what would happen if CryptoTrust received a similar letter?

We would comply with the order and at the same time 100% protect customers. This is possible because OnlyKey is a decentralized solution. We have zero knowledge of customers' sensitive data and we don't manage or store any keys. All of the keys are created by you, either by directly loading them onto the OnlyKey or by having them generated randomly using our patent-pending method, which uses input such as the conductivity of your skin when pressing the buttons to create secure random keys.
Three main reasons for not supporting NFC

1) User Experience/Physical Security - NFC devices are typically used by quickly tapping the device against a reader or smartphone. Most NFC devices have no physical protection: if you drop one, someone can pick it up and use it. With OnlyKey this is not the case, as you have to enter a PIN to unlock the device first. Imagine trying to hold a device close enough to the reader for power while entering a PIN; in many cases this would not be very user friendly.

2) NFC is not Universally Supported - One thing we strive to do is provide a device that works practically everywhere and on everything. NFC is only supported on select Android devices, and there are no plans for Apple to open up NFC functionality on the iPhone/iPad, so NFC support would not provide universal mobile support. With USB an adapter is required, but we can support all Android devices and even newer iPhones that now have USB support.

3) Power Requirements - NFC provides roughly 5mA of harvested power to NFC tags. The OnlyKey has a high-performance processor, which permits quick cryptographic operations but requires more power than NFC provides.
USB C definitely has its advantages and on paper looks like a great option, but it also has a number of disadvantages and issues to consider.

1) Connector Strength - OnlyKey has physical security provided by requiring a PIN to be entered in order to use it. This makes OnlyKey a much more secure option than devices with no physical protection, but it also requires that the USB connector be fairly durable and strong. USB C connectors/receptacles are smaller, less durable, and more prone to breaking from, say, the stress of pressing on a plugged-in device to enter a PIN. The way to resolve this would be to attach a flexible USB C connector to OnlyKey. While this is possible, it would be more expensive to produce and would be only slightly more compact than using a USB C adapter with the current OnlyKey. For this reason we provide USB C support via a USB C adapter, which also provides backwards compatibility with the majority of systems in use that do not support USB C.

2) Universal Support - Currently, USB A is more widely supported and more universal than USB C, and it will likely be 5 - 10 years before the majority of devices no longer support USB A. There is also inconsistency in the industry: the newest MacBook only supports USB C, while the newest Microsoft Surface only supports USB A. Dongles and adapters are currently unavoidable.

3) Connector Complexity/Durability - USB C connectors contain 24 tiny contacts while USB A contains 4 large ones. Additionally, the USB A connector on OnlyKey is a flat surface while USB C is not. With the current USB A connector the device is waterproof: you could go swimming, wipe your OnlyKey dry, and it's good to go. This is not the case with USB C, as water can remain inside the connector where it is not easy to dry, and plugging in a wet electrical connector is a bad idea. The complexity of USB C is great for things like driving a 4K monitor that requires a huge amount of data transfer, but for OnlyKey it is only a disadvantage, as there is no need for high-speed data at all.
For more information on mobile adapters, including USB C, Micro USB, and iPhone Lightning, see "Is OnlyKey supported on Android and iPhone" below.
OnlyKey is supported by any device that supports a USB keyboard. This includes Android devices and even the iPhone 7 using a USB OTG adapter.

Phone Model                                   Supported                         Required Adapter
iPhone/iPad (iOS 9.2+) with Lightning port    Password manager and Yubikey OTP  Lightning to USB OTG Adapter (available here)
Android with USB Micro port                   Password manager and Yubikey OTP  USB Micro OTG w/ Key chain Adapter (available here)
Android with USB C port                       Password manager and Yubikey OTP  USB C OTG Adapter (available here)