OnlyKey

OnlyKey is a multi-function hardware security key combining features of a password manager, two-factor authentication (2FA) token, file encryption token, and secure storage device. The device incorporates hardware storage for password and username combinations, also acting as a portable password manager.

Overview
OnlyKey is notable for its physical keypad, which allows users to enter a PIN code directly on the device. After 10 failed attempts to unlock, all data is erased. The device also features a data-destruction code that the user can key in. The device can store passwords, usernames/URLs, and one-time password (OTP) accounts, that can be used for online/offline access.

Features

 * Password management: OnlyKey can store and manage up to 24 passwords, usernames/URLs, and one-time password (OTP) accounts on the device itself.
 * Two-factor authentication (2FA): OnlyKey supports various 2FA protocols including FIDO2 WebAuthn, FIDO U2F, TOTP, Yubico OTP, and Challenge-response.  When logging in to a configured website or service, besides entering the username and password, the user also physically confirms the login attempt  by pressing a button.
 * Security and Durability: OnlyKey is open source and has upgradable firmware.
 * Set up Apps: The device can be used via cross-platform desktop app, as well as desktop apps on macOS, Windows, and Linux (.deb)

Disadvantages

 * Cost: Compared to software-based password managers, OnlyKey requires an upfront purchase for the hardware device itself.
 * Learning Curve: Setting up and using OnlyKey may require familiarization with its features and functionalities compared to typical password management solutions. Complex setup process compared to security keys like YubiKey.
 * Physical Loss: Losing the OnlyKey device can potentially lock the user out of their accounts if no backup is created. Unlike other security keys, OnlyKey has a secure backup feature to solve this issue.
 * Limited OTP Functionality: The absence of both an on-board clock and non-volatile memory necessitates the OnlyKey App to be running for Time-based One-Time Password (TOTP) generation. There are some exceptions when the hardware key is continuously powered.