On the face of the OnlyKey is a 6 button keypad which serves two purposes.
1. In order to enable the device for use, a PIN must be entered. This way if OnlyKey is ever lost or stolen, it will be unusable without knowing the PIN.
2. The 6 buttons support multiple authentication methods, such as One Time Passwords used by Google Authenticator, Universal 2nd Factor (U2F), and Yubikey.
OnlyKey is the world’s first token to implement self-destruct and plausible deniability features. A self-destruct PIN and a plausible deniability PIN can be set when you first activate your OnlyKey. If you are ever forced to unlock your OnlyKey or give up your PIN, the self-destruct PIN can be entered instead, causing the OnlyKey to wipe it’s sensitive data. Similarly, the plausible deniability PIN can be provided instead, which will activate the OnlyKey using a second profile that contains credentials to accounts set up to look real — which may even work to log into websites — but are really just dummy accounts. Alternatively, if you don’t need the second profile for plausible deniability you can just use it as a second profile to store additional accounts, such as a personal profile and keep your work accounts in the primary profile. Once the OnlyKey is set up it allows you to log into an account with the touch of a button. Setup accounts on the OnlyKey and then the OnlyKey types your credentials for you into a login form. For an example, you could setup button #1 on your OnlyKey so that when it is pressed your Google username is typed into the username field, your Google password is typed into the password field, and then your OTP is typed into the OTP field. The complete login is done with 2-factor with the touch of a button.
Need more than 24 accounts? No problem, one account can be a software password manager to store an unlimited number of accounts.WHERE CONVENIENCE AND SECURITY MEET – OnlyKey was developed to make password management and two-factor authentication convenient and secure. Easily attach OnlyKey to your keychain using the provided keychain lanyard and securely log in everywhere you go. OnlyKey even comes with a quick reference card with useful links and spots to write in the names of your accounts just in case you don’t have the OnlyKey app handy.
THREE IN ONE – It functions as a password manager, a two-factor token, and offline encryption key storage. It is the world’s first password manager that can keep your accounts safe even if your computer is hacked or a website is breached. OnlyKey does this by storing your passwords in secure hardware offline and by supporting strong 2 factor authentication methods like U2F, Yubikey compatible OTP, and Google Authenticator.
SECURE BY DESIGN – Information can only be written to the OnlyKey Color or wiped. This protects your data even if the connected computer has been compromised. Unlike smartcards that are vulnerable to keylogger attacks, the PIN used to unlock OnlyKey is entered on the OnlyKey itself. This second generation of the OnlyKey supports a multi-color light that is easy to understand, enter the wrong PIN it flashes red, enter the correct PIN it turns green, for U2F authentication it fades blue.
TWO-FACTOR OPTIONS – By supporting multiple methods of 2FA Onlykey is the most universally supported token available on the market today! Chances are that if the website supports two-factor authentication, OnlyKey is compatible.
UNIVERSAL SUPPORT – Identifies as a regular keyboard (USB HID), no special drivers required. Supports Chrome browser on Windows, Mac and Linux. You can plug OnlyKey into any computer, press a button, and it types out the web site URL then enters your username and password the same as if you typed it yourself; but with one big difference, you don’t have to remember passwords! OnlyKey is durable and waterproof and for added protection includes one silicon case.