YubiKey VS OnlyKey

YubiKey Reviews

OnlyKey Reviews

YubiKey mentions (10)

• Regarding Yubikey

  People refer to blue keys as 'old' but yubico.com is clear...Security Key Series has been updated to black in 2023 with the same features as the Security Key Series in blue. Blue keys only available through partner sites. Source: 11 months ago

• Can't log in on mobile – Yubikey 5C NFC

  Sorry if this has been asked a lot already - I've tried searching yubico.com and this subreddit, but I haven't found a fix for it. Source: about 1 year ago

• Why passkeys from Apple, Google, Microsoft may soon replace your passwords

  And this is what passkeys fix. So instead you get your parents a set of yubi-keys for their access to 1-pass. * Whenever they are using a known machine (their laptop, phone, etc.) an biometric+device security is used, that's your 2FA. * When in rare machines, or doing things that are probably not ideal (like trying to load and read account information stored in the password manager) they'd have to pull up... Source: about 1 year ago

• First Yubikey lasted almost 10 years, here’s hoping for another 10!

  You know how sites ask you to use 2FA by texting you a code and having you put it in? It lets you do that by pressing the gold button on the front. It's better than using phone multifactor authentication, because it's possible for hackers to either trick you into giving them 2FA codes (There's a video on the front page of yubico.com right now explaining how that can happen), or to manipulate your phone carrier... Source: about 1 year ago

• Google Authenticator

  Not a solution to your exact problem, but since you're already in this pickle, I recommend getting a couple security keys (Yubikeys directly from yubico.com). You can then use Yubico's authentication app + security key which works with any service requiring an authetication app (including CDC - this is what I use). It's much easier to restore and a lot more secure. Source: over 1 year ago

OnlyKey mentions (16)

• ELI5: why is a password that uses numbers and letters stronger than one with only letters? the attackers don't know that you didn't use numbers, so they must include numbers in their brute force either way.

  I haven’t used one, but there’s this: https://onlykey.io/. Source: 9 months ago

• Thetis, Yubikey, Solokey, Nitrokey, Onlykey, etc. Differences and Compatability?

  I might be mistaken but according to this: Https://onlykey.io/ They are FIDO2 certified. Source: 10 months ago

• How to Yubikey: A Configuration Cheatsheet

  I'm with you re: backups. The whole "just have a backup key" methodology seems tediously manual and fraught with opportunities for error/laziness. I've been looking into OnlyKey[0] recently. It seems to have sensible backup functionality at least. Using something The Mooltipass[1] (USB HID password vault w/ TOTP support that has a sensible backup strategy) comes closest to what I want, but not quite close enough.... - Source: Hacker News / 12 months ago

• Secretive: Store SSH Keys in the Secure Enclave

  I think the other (IMO completely valid) concern is that you don't know what the Yubikey does, really. The protocols are open source, sure, but how sure are you there aren't back-doors in them? The firmware tends to be closed source, I found https://onlykey.io/ but I can't speak to how truly open they are, having never used them (do they have e.g. Specialized hardware/software requirements for building one?) In... - Source: Hacker News / 12 months ago

• MFA/2FA required for all Cloud services

  Or rather the real open source alternative https://onlykey.io/. Source: over 1 year ago