Which SafeKey do I need?
Choosing the right SafeKey model depends on what you want to use it for.
Last updated
Choosing the right SafeKey model depends on what you want to use it for.
Last updated
There are three SafeKey options: SafeKey One, SafeKey Pro and the SafeKey Mobile app.
The main use cases for the SafeKey One are:
It also has automated phishing protection included.
The purpose of using the SafeKey One is to protect your online accounts against phishing attacks or hacks. If your account is secured with a SafeKey and someone happens to get access to your password, then they still won't get access to your account because they don't have access to your SafeKey.
SafeKey One acts as a physical extra security layer to your authentication processes.
SafeKey Pro is the only hardware device that’s compatible with inheriti.com.
SafeKey Pro does everything the SafeKey One does, so it can be used to protect your online accounts against phishing attacks or hacks.
But, additionally the SafeKey Pro has also been designed with custom internal storage. This allows you to store shares of encrypted backups and inheritance plans created via inheriti.com.
The SafeKey Pro does not only protect your accounts, it also helps you to protect and backup your secret and sensitive data.
Think about data such as:
Usernames and passwords
Email accounts
Social media accounts
Private keys and seed phrases to access your crypto and NFTs
Data from all your devices: computers, smartphones, …
All data stored on your hard drives or in your cloud
Domain names
Bank accounts
Investments
Family receipts
Confidential business information
Your biggest secrets
…
SafeKey Mobile is the mobile alternative to the internal storage of SafeKey Pro.
It enables users to store encrypted shares of their protection plans directly on their smartphones, offering a more versatile, on-the-go solution without compromising security.
SafeKey Mobile is integrated with SafeID, allowing seamless management of your Inheriti® plan shares. It offers secure mobile storage for encrypted plan shares, ensuring they are easily accessible yet protected.
Use SafeKey Mobile if you:
Need immediate access to your encrypted plan shares on your phone.
Prefer a mobile-based solution rather than a physical hardware key.
Want an added layer of encryption and convenience for managing shares on-the-go.
Note: SafeKey Mobile does not provide 2FA or passwordless login capabilities. It is focused on the secure storage of Inheriti® plan shares. If you're looking for a combination of 2FA and storing your plan shares, use a SafeKey Pro.
While 2FA is very simple to use, some methods are inherently insecure and exposed to hacks. The most popular implementation, Time-based One-Time Password (TOTP), popularized by its use on Google Auth and crypto exchanges like Binance, transmits the shared secret (master key) over the internet during the setup process.
This weakness has been recognized by major players who created FIDO Alliance and defined new, more secure standards such as Universal 2nd Factor Authentication (U2F), which introduces the use of a hardware device for user authentication, such as the SafeKey.
Some other weaknesses of regular 2FA are:
You have to manually input the code at logging in, adding another step to the process.
Backup codes are sent online, which is often insecure.
You and the provider share the same secret. If a hacker gets into a company and gains access to both the password and the secrets database, he will be able to access every account completely unnoticed.
The secret is displayed in plaintext or QR code. It cannot be provided as a hash or with a cryptographic salt. This also means that the secret is most likely stored in plaintext form, on the servers of the provider.
The secret can be exposed during the registration, as the provider has to give you a generated secret. By using TOTP, you have to trust the providers to be able to protect the secret.
SafeKey gets you better two-factor authentication and goes one step further than traditional methods by using the Universal 2nd Factor standard (U2F).
What does that mean?
Well, not only do you need your regular login credentials such as your email address, username and password, it is also necessary to have a physical device as a means of authentication: your SafeKey.
Adding a hardware device to the authentication process gives your account a massive security boost and should easily keep hackers out of your way.
Why?
Because it is impossible that someone who happens to get your password can log in to your account, because logging in also requires your SafeKey.
