I received my OnlyKey about 2 days ago and I’m already in love with it and don’t want to use my YubiKey anymore.
I do have some questions/issues I would like to be answered/fixed:
1- When assigning a lock function to a slot, and use it, it locks the device, however, I cannot enter a PIN or even use the keyboard anymore as if the keyboard is somehow stuck (Win 10) and the only way I was able to reenter my password is to press the forget the PIN button
PS: this issue does not happen if I make a lock function using \gl with sysadmin mode
2- In sysadmin mode, are only 56 characters allowed in a field, and how to increase that if possible. Also, what do I do in normal mode if my password is more than 56 characters?
3 - In sysadmin mode, if I want a key to do an ipconfig command on cmd, how would I assign a key to do that? because \gr \2 cmd \r \2 ipconfig did not work.
4- Why does the FIDO2 function does not work on the Microsoft account but the YubiKey does? and is there a fix for that?
Those were all of the questions/issues that I have encountered, and couldn’t find the answer to.
I would highly appreciate it if I can get a response from all of them.
Update:
All the questions were answered by the community below, a big thanks to everyone who helped.
Hi, I’m a fresh new user as well, so I won’t be able to help with everything, but I think I can help with with a couple of points:
The Lock button doesn’t just lock the computer, but also logs you out of the OnlyKey profile. That means that before you can use the OnlyKey again you have to re-unlock it with either of your PINs.
The char limit is set by the hardware, see t11’s answer on this. However when I’ve found myself short of characters, I just divide them between user and password, set “nothing” in between, here’s an example
Remember that you can use special characters in the password field as well.
Also remember that after the URL there will always be a Return. I haven’t played around with sysadmin mode yet, but I’m guessing that most of my scripts would have " \gr \2 cmd" in the URL field
No help here, sorry, only a suggestion and a tip:
Suggestion: try to put \gr \2 cmd \r \2 ipconfig in the URL field, but remember the user guide:
You can chain together multiple ‘ \t ’ or ‘ \r ’ in the fields. Its one space to start and one space to end so if your chaining together multiple tabs it would have a double space in between
That means that the command in my suggestion should have one space before \gr and two spaces between \gr and \2, and \r and \2
Tip: when you’re trying to debug a slot, open notepad (not Notepad++, I found its autocomplete function can interfere with the OK) and touch it. See what it does. Are tabs being typed as tabs or did you use the wrong slash and you get “/t”? Did you use the right slash but the first special character still gets typed out? You might have forgotten a space before the “/”…
Yeah, what’s up with that? I tried setting it up in five different browsers and two computers but it always fails, and only with my MS account.
For FIDO2, it seems that Microsoft is looking for the attestation certificate (Go here and register, you can see that YubiKey have a valid attestation certificate).
You can register the key on Firefox, and then you can use it on Chrome for personal Microsoft accounts. Unfortunately, if you use an Azure AD account, you will need your directory admin to disable the “Attestation Required” flag.
Thanks for the help, Regarding No 1 I meant the PIN for the PC itself and not ONLYKEY, but I have made a video explaining the situation to the developer and submitted it (Lock Issue - Album on Imgur)
as for No 2, I didn’t know you can do that, that will be very useful.
For no 3 I found a workaround with Win10 ( \g \1 run \1 \r \1 cmd \r \1 ipconfig \r), it does the job but still, maybe your suggestion is better, ill try it out.
For No 4 the dev said it will be fixed in 2.1.1 so I’ll be looking forward to that.
@ pepe for #2 that solution is good, I never thought of it , I will be using this method now, many if not most of my passes are way over 56 charactors limit
De necessitate, virtutem: I was trying to open and log into KeyBase. I ran out of characters in the username field before I even opened its text field, I had to put “username \t password” in the password field (yes, twice!)
Just tried register with Firefox, and it worked. What is your firmware version ( check right bottom of the OnlyKey App), and have you set the FIDO2 PIN?
@Extrawdw
Yes I have set up the FIDO2 PIN, the firmware is the latest ( OnlyKey v2.1.0-prodc ), I tried it on Firefox on linux and windows, it asks me for the pin, then touch the key, and then I get this error: Image
Sorry for going slightly OT, but how do you set the FIDO2 PIN and list credentials?
I haven’t found info on this in the docs, except using the Python CLI, but it seems that didn’t work for me, and the related thread I created didn’t yield a response so far.
, I will be using this method now, many if not most of my passes are way over 56 charactors limit