dicekeys.com

What It Is

DiceKeys is a hardware security approach that uses an arrangement of physical dice as a high-entropy root secret. After the user scans a DiceKey into the app, the app converts the 5x5 dice faces into a 75-character string, then uses open-source cryptographic libraries and a recipe mechanism to derive passwords, seeds, keys, and other secrets. It is not a traditional firewall, EDR, or IAM SaaS product, but rather a personal hardware security tool for generating and preserving authentication secrets over the long term.

Core Capabilities and Deployment

In terms of protection, DiceKeys focuses on password generation, cryptographic key derivation, and seeding certain SoloKeys FIDO2/WebAuthN security keys. Deployment is primarily based on a physical DiceKey plus native apps for Windows, MacOS, and Android. A web app is also available, but the official documentation states that the web version does not include all features. Because iOS does not allow apps to directly access USB devices, iPhone and iPad cannot be used to seed SoloKey devices; browsers also block communication with security keys, so seeding is likewise unavailable on the web. The software is released under the MIT license, the underlying libraries can be used independently, and APIs are provided for password managers to request master passwords or keys.

Pricing and Compliance

The available text only states that DiceKeys is a one-time hardware purchase with an upfront cost, with no hidden subscriptions or upsells. It does not disclose specific pricing, payment methods, or regional purchasing conditions. On the compliance side, we did not find information such as SOC 2, ISO 27001, or FIPS certifications, so it should not be treated as a security product that already satisfies enterprise compliance procurement requirements.

Pros and Cons

Its advantages are that it works offline, can be kept for the long term, and does not require a cloud account. If the device with the app installed is lost, the physical DiceKey can simply be scanned again to recover access. Recipes do not need to be kept secret, making it easy to reconstruct secrets for specific websites or applications. The app also uses redundant encoding with underlines and overlines to verify dice characters, reducing the risk of misreading. The downsides are that the ecosystem is relatively narrow: it currently cannot seed arbitrary security keys and only supports SoloKeys compatible with the DiceKeys standard firmware. Web and iOS platform limitations are significant, and there is also no information on centralized management, audit alerts, enterprise support SLAs, or similar capabilities.

Who It’s For and Access from China

DiceKeys is best suited to individuals, developers, heavy password manager users, and security enthusiasts who value self-managed root secrets and are willing to use the SoloKeys ecosystem. It is less suitable for enterprise security teams that need unified control, compliance reporting, and centralized alerting. Access from China is not covered in the available text; website and app store availability, hardware shipping, and payment methods are all unknown. For deployment in China, alternatives such as YubiKey, SoloKeys, OnlyKey, or mainstream password manager solutions can be evaluated as well.