Hi there! Nice to see the fancy new forum and I’m excited about your updates to come. I appreciate your positive response about my last suggestion to your old forum, really hope you can work it into the new hardware, and now seeing more password manager integration is great! And I’m really glad to see GPG agent support and existing SSH keys, that is absolutely key to make it accessible to existing systems. I’d like very much to see the OnlyKey become the one simple and standard bit of hardware that can store all my secrets in one place so no computer need be trusted with any of it.
Okay, a few thoughts I’ve been having about your excellent product…
— followup to my previous suggestion (https://groups.google.com/g/onlykey/c/Kup45ZaDmVg):
Another advantage to this additional storage, is the potential of storing even your PUBLIC keyring on the OnlyKey. This means that I always have everything I need with me to work with GPG messages. Having that additional larger storage seems like it would also take the pressure off the main storage, which really only needs to to store and secure the GPG private keys (and maybe SSH keys?), which could then be used to decrypt all the other various secrets it needs off the larger device, which may need to be accessed by software password managers variously, and it seems like a waste of space to store twice. This would free up space in that tiny chip for code and whatever… though I hope you’re looking at a main chip with slightly more space for the next version anyway, cause 256k sounds cramped.
— Slots. Okay, so I know it’s come up a bunch, but this is why I think a two code slot setup works better than the “short/long” setup you have now:
-
It gives you logical groupings. I can more easily remember something like “one is workstations”, “two is financial”, “three is social media”, “four is shopping”, “five is media”, etc. Then I can actually fit all the things inside each section, that’s up to six workstations, yes whose numbers I have to remember, but that somehow seems easier.
-
It gives more slots, 12 was never quite enough. It gives enough slots for a few bank accounts and paypal and venmo under one section, someone’s CBS, netfix, hulu, and that other new one they get, etc. I just think having those logical groupings makes remembering them easier.
-
This setup leaves all the long-presses for various setup and admin functions or modes or whatever, which seems like plenty.
— There needs to be a template sort of system for entering the autotype setup for the slots. Ideally, this could be done directly from something like LastpassXC, which already does exactly that sort of thing. It would be nice to unify the two, but even that aside, a more flexible template system just makes more sense.
Even without (or before) adding a template typing system like that to the OnlyKey, it would be really handy if something like KeePassXC could interface either with the OnlyKey directly, or with your software that interfaces with it to program the key DIRECTLY from my existing template in the password manager to update the slots in the OnlyKey, translated from the auto type.
I’ve poked around a little in the code of both projects (the OnlyKey app and KeePassXC), and it seems like this should be a relatively straightforward thing to write, and while I am not quite sure where to start, with a little guidance I would be into working on this implemented in KeePassXC (I haven’t contributed to it yet, but I’ve been lurking and they seem friendly).
Whew, okay, well those are my suggestions, such as they are. Take them as you will.
-Joshua