Overview
The OnlyKey Secure Access / Identity hardware key is a frontline defence against password hacking and phishing which costs Australian businesses millions annually.
This portable device acts as a secure password manager and multi-factor authentication (MFA) token, supporting FIDO2/U2F, YubiKey OTP, Google Authenticator TOTP, and more. It stores up to 12 accounts with usernames, passwords (up to 56 characters), URLs, and 2FA secrets, typing them out via USB like a keyboard for seamless login without software vulnerabilities. Built with an EAL5+ certified secure element, it requires physical touch for operation, preventing remote attacks. Open-source firmware allows community audits, ensuring transparency and no backdoors. Ideal for professionals in Australia’s surveillance landscape, it integrates with privacy bundles for enhanced identity protection, supporting PGP encryption, SSH keys, and challenge-response for advanced use.
Key Features
- Hardware-based password manager: Stores and auto-types usernames, passwords, and 2FA codes for up to 12 slots/accounts.
- Multi-protocol 2FA: Supports FIDO2/U2F (phishing-resistant), YubiKey OTP, Google Auth TOTP, HMAC-SHA1 Challenge-Response.
- Physical security: Requires button press/touch; PIN-protected with self-destruct (crypto-erase) after 10 failed attempts.
- Open-source firmware: Auditable code for transparency; firmware updates via Chrome app.
- Versatile compatibility: USB-A plug-and-play; works with Windows, macOS, Linux, Android (OTG adapter), no drivers needed for basic use.
- Advanced tools: PGP message signing/encryption, SSH login, static passwords, and backup/restore (encrypted).
- Portable design: Compact (credit card size), durable plastic casing in multiple colors; no battery required.
- Phishing-proof: Emulates a keyboard to input credentials, bypassing clipboard/malware risks.
- Ethical hacker origins: Designed in 2016 for secure password/MFA management without software flaws.
- No known vulnerabilities: 2020-2025 reviews confirm robust against hacks; physical touch prevents remote exploits..
Usage Warning
- Initial setup requires Chrome app; ensure compatible OS/browser. Forgotten PIN triggers self-destruct – back up encrypted profiles responsibly.
- For optimal security, use on trusted devices; avoid public computers. Backups are encrypted but store securely to prevent offline attacks.
- Minor setup complexity for beginners; follow tutorials to avoid errors.
- Security Element: EAL5+ certified secure microcontroller.
- Storage: 12 slots for accounts (username, password, URL, OTP/TOTP).
- Protocols: FIDO2/U2F, YubiKey OTP, Google Auth TOTP, HMAC-SHA1, PGP, SSH.
- Interface: USB-A (HID keyboard emulation).
- Dimensions: 50mm x 18mm x 5mm; Weight: 10g.
- Compatibility: Windows, macOS, Linux, Android (w/OTG); Chrome app for config.
- PIN Length: 7-10 digits; Self-destruct after 10 failures.
- Certifications: FIDO Alliance compliant; Open-source (GitHub).
- Origin: Made in USA.
- OnlyKey official documentation can be found at https://docs.onlykey.io/.
At PrivacyPros, we prioritise efficient and discreet shipping to ensure your privacy-focused devices arrive securely and promptly. While our inventory is dynamic and subject to fluctuations, orders are processed within 2-15 business days from order confirmation and payment receipt, and 2-5 days for delivery. In rare cases, such as when awaiting new shipments from suppliers or delays with postal services, it may take longer. If we foresee or advised on any delay, we’ll proactively reach to you to keep you informed and discuss options. For more information, please refer to our Shipping Policy.
Free shipping is provided on all orders over $200 AUD.
Warranty
Our accessories come with guarantees that cannot be excluded under the ACL. You are entitled to a replacement or refund for a major failure. You are also entitled to have the goods repaired or replaced if the goods fail to be of acceptable quality and the failure does not amount to a major failure. In addition, this product is covered by the manufacturer’s standard warranty – please refer to their official support for details and claims.
Returns
We accept change of mind returns for accessories if returned within 14 days of delivery, with proof of purchase, unused and in original packaging (e.g., sealed, shrink-wrapped); refer to https://accc.gov.au/consumers for ACL details, and return shipping costs may be the customer’s responsibility unless due to our error.Cancellations
If your order has not yet been sourced (typically within 2 business days of placement), a full refund for the product and postage may be provided at our discretion. For cancellations contact us at https://privacypros.com.au/contact with the inquiry type ‘Warranty, Returns & Cancellations’.
