There are a lot of security keys out there, but OnlyKey is the perfect choice for professionals.
It looks like a regular security key, but under epoxy are some really neat features.
The only downside — it takes some time to figure out how it works.
Must read: Better than the best password: How to use 2FA to improve your security
OK, so what is OnlyKey?
OnlyKey sort of looks like a regular USB-A security key. It’s small, has some gold-colored touchpads, has a lot of epoxy on it, and a connector on one end.
But a closer look uncovers some differences.
First off, there’s a 6-digit keypad. This is key — pardon the pun — to much of what makes the OnlyKey different.
That keypad allows OnlyKey to be protected by a PIN code, and for a second account to be set up, along with a self-destruct PIN code.
These PINs add an additional layer of security, preventing the key from being useful to someone who finds it.
In all, you can store up to 24 passwords, up to 24 usernames/URLs, and up to 24 OTP accounts on a single OnlyKey.
Beyond that, OnlyKey supports FIDO U2F and Yubikey OTP 2 factor authentication for an unlimited number of sites.
The OnlyKey is also open source, has upgradable firmware, and can also be backed up (in case you lose the key and need to restore the data onto another).
Your OnlyKey can be set up using either an app (Windows, Mac, and Linux), or you can choose an app-free quick setup.
There’s also very in-depth documentation that guides you through all the features.
Each key also comes with a removable black silicone protective sleeve.
Now, there’s a lot to an OnlyKey. Far more than just plugging it in and using it, like you do with a YubiKey. This is both a pro and a con. For ease of use (and not having users wipe the key by using the self-destruct PIN instead of the access PIN), YubiKey has the edge. But for professionals who take security seriously, and don’t mind putting in the time into learning how to use it, this key comes highly recommended.