MiixKey is a compact, offline ESP32-P4-based hardware security key and password manager that securely stores passwords, passkeys, NFC cards, and smart card credentials in a single portable device. It features a 2-inch touchscreen and is designed for users, developers, enterprises, government staff, and cybersecurity professionals who need secure offline credential management without relying on cloud services or smartphone apps.
Previously, we covered security keys like the YubiKey and Google Titan Security Key, which are great for FIDO2 and U2F login, but they don’t have a display or user interface, so managing passwords or switching credentials usually requires a phone or computer. MiixKey fixes this by adding a touchscreen and allowing the user to manage over 3,000 passwords fully offline.
MiixKey specifications:
– Main SoC – Espressif Systems ESP32-P4
– CPU
– Dual-core 32-bit RISC-V HP (High-performance) CPU @ up to 400 MHz with AI instructions extension and single-precision FPU
– Single-RISC-V LP (Low-power) MCU core @ up to 40 MHz with 8KB of zero-wait TCM RAM
– Memory
– 768 KB HP L2MEM (for dual-core CPU), 32 KB LP SRAM, 8 KB TCM (for LP MCU core)
– 32MB PSRAM
– Storage – 128 KB HP ROM, 16 KB LP ROM
– GPU – 2D Pixel Processing Accelerator (PPA)
– VPU – H.264 video encoder, JPEG codec
– Storage – 32MB external SPI NOR flash
– Wireless SoC – Nordic Semiconductor nRF52840
– CPU – 32-bit Arm Cortex-M4F microcontroller @ 64 MHz
– Memory/Storage – 1 MB Flash, 256 KB RAM
– Wireless – Bluetooth 5, Thread, ANT, Bluetooth Mesh, NFC, 802.15.4 (Zigbee), 2.4 GHz proprietary
– Display – 2-inch touchscreen, 480 x 640 resolution
– USB – USB Type-C port for power and connectivity
– Security features
– Secure Boot v2 and Flash AES-256 Encryption
– NVS + PIN HMAC Encryption
– Dangerous Mode – A decoy vault triggered by a specific PIN that wipes real data
– Emergency Mode – A time-locked vault (up to 64 hours delay) for sensitive handovers
– Misc – Power button
– Power
– Does not specify an internal battery capacity.
– Supports continuous power via USB for time-locked functions
– Dimensions – 60 x 40 x 10 mm
– Housing – CNC Aluminum Alloy with gold-plated brass buttons
Unlike typical security keys like Diabolic Parasite and Tillitis Tkey, which offer only a single slot, MiixKey comes with five independent slots, each functioning like its own security key with a separate PIN. Every slot supports FIDO2, PIV, and OpenPGP, and can hold up to 64 FIDO2 passkeys, for a total of 320 across the device. With the built-in screen, you can enter, search, and edit credentials directly on the device, so your data never has to touch an internet-connected system. It also supports importing passwords from KeePass or KeePassXC (KDBX files) for offline use and can act as an HID device over USB or Bluetooth to enable smooth auto-fill across different devices.
The device also supports custom scripts and BADUSB functionality, allowing it to emulate a keyboard and automate keystrokes or complex commands. It includes a built-in TOTP generator for 2FA, removing the need for smartphone apps, with all operations performed locally without cloud or online dependencies.
Since the device operates fully offline, there is no password recovery option, so you must have backups and redundancy in place. Best practice is to use multiple hardware keys registered to important accounts, keep a secure offline backup of the KeePass (KDBX) database, and store service-provided recovery codes. Without these precautions, losing the device will result in permanent loss of access to stored credentials.
The MiixKey is now available on Kickstarter, where it has already surpassed its 10,000 HKD (~$1,276 US) funding goal. Early Bird rewards start at approximately $99 US, with a “Kickstarter Special” price of $109. Shipping is estimated to begin in July 2026.