OnlyKey Enterprise

Solve your business password management problems with a convenience your employees will love.

Get Started Now!

Password Policy Compliance

OnlyKey supports passwords that are completely random and with complexity that will exceed even the strictest password policy.

Two Factor Enforcement

By supporting multiple methods of 2FA Onlykey is the most universally supported token available on the market today! Chances are that if an app supports two-factor authentication, OnlyKey is compatible.

Easy Management and Training

One device to manage and users only remember one PIN. The first day on the job a user can be given one device programmed with all necessary accounts to hit the ground running.

Trusted Consultant Support

A trusted security consultant with internationally recognized security credentials will guide you to implement best practices. Meet the team here.

How does OnlyKey work for small businesses and teams?

Read a tale of two passwords

Meet Bob…

Bob just started a new job today and after filling out some paperwork is given training on how to set up his company email account, his VPN account, and a bunch of other accounts that are required for his job. The training takes most of the day and now its time for Bob to set everything up. His company tries to be security focused and requires strong passwords along with 2 factor token to log in. Since Bob is just trying to get to work as soon as he can he sets his passwords all to the same thing, something he can remember like his cats name (dictionary word) with extra digits. Then he tries to figure out how to set up these 2 factor tokens and apps but after frustration with how complicated it is to set up he just disables the 2 factor on one account and then goes home for the day to tackle the remaining accounts with fresh eyes in the morning.

Meet Alice…

Alice just started a new job today and after filling out some paperwork is given training on a new device called OnlyKey that her new company uses. The training takes about 5 minutes to show Alice how to enter the one and only PIN she has to remember onto her OnlyKey and press the buttons to log into all of her accounts. The OnlyKey already has all the accounts she needs set up with very strong and random passwords that can’t be guessed or cracked and 2 factor authentication. Alice attaches the OnlyKey to her keyring and gets to work.

Compare to other enterprise password management solutions

According to Gartner report on password management:

“Most personal password managers are consumer-focused and lack capabilities, such as centralized administration and policy management that would make them suitable for use by enterprises or smaller organizations. They are therefore out of scope for Gartner research. However, there are six notable exceptions from vendors that have expanded upon their consumer offerings to include these capabilities in their enterprise editions:

  • Dashlane’s Dashlane Business
  • Keeper Security’s Keeper Business
  • LastPass’ LastPass Enterprise
  • Siber Systems’ RoboForm for Business
  • SplashData’s SplashID Safe for Teams
  • Zoho’s Zoho Vault Enterprise”

Unfortunately, the Gartner report does not provide reference to the security weakness that all of these solutions have in common. These are centralized solutions meaning that all of the passwords are stored in one central location. If a hacker can compromise this location they can compromise every account in the enterprise.

For many businesses, an attack that compromises every account they own and all of their most critical information would be devastating, a breach of this magnitude would possibly result in having to close the doors for business permanently.

So how would a hacker compromise all accounts in an enterprise password manager? Only three things are required.

  1. Initial network access (oops, a user clicked on phishing link and now the attacker is in).
  2. Patience (just stay dormant inside network and wait).
  3. One exploitable vulnerability (strike quickly before there is a patch released).

This model of attacking systems is common with advanced hackers and nation state threats.

For this reason we recommend a better approach to password management, a decentralized offline solution.

OnlyKey is a decentralized offline solution. Decentralized means all eggs are not in the same basket. Each employee has their individual accounts loaded on an OnlyKey device.

What about centralized management?

  • Each OnlyKey has a secure backup feature that allows users to backup a device periodically. This way if a device is ever lost or stolen a new OnlyKey can be issued and restored using the latest backup.
  • Each OnlyKey has a different PGP key loaded that encrypts the backups with military grade encryption. In order to restore the same key is needed, there is no other way to restore the backup.
  • This is where centralized management comes in – An administrator would have access to the keys needed to restore users devices and the latest backup.
  • The backups can be stored on network accessible storage because they are completely encrypted.
  • The keys are also encrypted but they are not stored anywhere on the network. They are stored offline in a vault or hardware security module.

With this model there are many advantages such as:

  • OnlyKey is a USB device that is write only. Even if a user’s computer is compromised the key stores accounts offline and is not accessible to hacker.
  • Even if account from one OnlyKey were obtained this would only affect one user’s account and not other users.
  • Central management is still possible. If a user forgets to bring their OnlyKey to work one day the Administrator can issue a temporary device set up with accounts the same way that a temporary badge might be issued if a user forgets their badge.