After reading SoloKey (Hardware Security Key), I think the OnlyKey is next up on the list.
Asking to add OnlyKey to the Multi-Factor Authentication page with Hardware Keys - Multi-Factor Authenticators - Privacy Guides
The OnlyKey ticks most of the requirement boxes (Multi-Factor Authenticators - Privacy Guides).
More info on the OnlyKey - https://onlykey.io/
- Must use high quality, tamper resistant hardware security modules. ← chemical resistant hardware
- Must support the latest FIDO2 specification. ← Supported
- Devices which cost over $35 must support handling OpenPGP and S/MIME. ← It’s around $100, it can handle OpenPGP
- Cross platform ← *Nix/Windows/Mac
- OpenSource ← On GitHub GitHub - trustcrypto/OnlyKey-Firmware: The OnlyKey Firmware runs on the OnlyKey itself and provides the core functionality of OnlyKey.
The one thing what is missing (from what I know, or haven’t found it) is a public external security audit of the OnlyKey.
There are many reviews out there like OnlyKey: The ultimate security key for professionals | ZDNET
It does have a very good documentation, for example: About Security | Docs
It’s highly durable: OnlyKey Durability Review & the video - OnlyKey Durability Tests - YouTube
Is it possible to add OnlyKey to the Hardware Key list or do we need to wait until there is an official external audit for the OnlyKey?