I have two OnlyKeys:
- “OnlyKey 1” has a few slots set, and is configured as the hardware key for my KeePassXC database.
- The second key, “OnlyKey 2”, has just been initialized, but is otherwise empty.

KeePassXC authentication works as expected with “OnlyKey 1” as the hardware key.
However, curiously, I noticed that I can also use “OnlyKey 2” instead, which is just initialized, but otherwise nothing has been configured.
Is this expected behavior?
So any arbitrary initialized OnlyKey (not just the specific one configured with the KeePassXC database) can be used (together with the password) to unlock the KeePassXC database?
I fail to see the major security enhancement if that’s the case – or am I missing something?