I simply store passwords without any further information on the stick, so its like a keychain. If you loose it the one finding it still has no clue which lock the keys will fit in.
So I would like to use OnlyKey exactly like this, a simple to use key to unlock the things only I know about. And Im very cautions about not loosing my keys so I think everybody should be able to decide for themselves how important the data on the stick is and what level of protection they feel suits them best.
I mean, even if I loose the stick, I will propably recognize it and change the all the “locks” before anyone can misuse it.
I dont understand, why @t11 does not want to consider the majority of the userbase, the ones that dont need to fear for their lives. Yes I do understand that the OnlyKey is the only option for very important people to protect their data under all circumstances. But Id say this is just a handful of people. Others dont need that level of protection. Having the passwords stored on a dedicated device is already a 100x more secure than everything else. Encryption on top with PIN is just adding another few percent of security.
If you look at what most people want: storing passwords in a way that nothing that is online can fetch the passwords in an easy way. Having the passwords encrypted only protects the case when you lose the OnlyKey and someone finds it or someone wants physical access.
The first case is even with full access data not that hard, you still have an backup to login to your services and change everything. The latter is a problem that only very few individuals have (as of now)
And even if @t11 gives us the option, the key is not getting less secure for the people that rely on all encryption features. So there is no logical reason to not implement that feature.
Removing the requirement for a PIN would make it so that there is no physical security. As OnlyKey is a security product we are not planning to offer this as an option.
If you are looking for an option of just storing passwords on a USB device without any security you could for example store them on a USB flash drive. Or store them on a USB Rubber Ducky.
the physical security is already given by the fact, that there is no access to the passcodes even if the devices is plugged in. No other device can offer that. Also its given by the fact, that the wearer can protect it with physical means.
So even if the encryption is removed, its still serving its original purpose in offering unprecedented levels of security. And it should not be the default option of course. The PIN is just a feature on top but no the main feature of the device.
and in the end its the decision of the user. Its the one who uses the key who should ultimately be able to use the key as it fits the situation.
You are providing no argument whatsoever against this. Thats not what a discourse is about.