NoPass.me - Open-source identity verification

An self hosted OTP provider is a really a cool idea, congrats for the launch !

Hello Product Hunt! And thanks Nicolas for hunting us! ❤️ We are super happy to introduce NoPass.me, an Open-Source, Accountless, Multi-Factor Authentication API. Let me explain all these words 🙂 NoPass.me is an open-source, freemium SaaS or self-hosted API, that lets you verify that a user is who they say they are. When a user registers on your website or service, you would call the API to generate and send them a random code, then verify it. Security and confidentiality is built-in: no user is created in any persistent database, no personal data is stored, no password is stored in clear text, everything is done automagically for you. We strongly believe that transparency is the key (no pun intended) to all security projects. You can not say that your project is secure yet have it closed-source. We're happy to have you look at our code on https://github.com/Clevyio/nopas... and tell us where we are wrong! The word Accountless is also very important to us. Most similar services will store and persist user accounts on their systems forever (usually in order to charge you per account). There is absolutely no reason to persist a user when all you want is to verify their account! This is why our design involves irreversibly hashing user data, never storing anything we don't need, and removing all data as soon as the security code is no longer valid. Some of the most popular use cases are: - Verify user identity when no other auth method is available, such as chatbots (our own primary use case!); - Implement passwordless authentication by sending magic links to your users; - Provide a second factor of authentication during signup/login flows; NoPass.me is available for free for indie devs and startups to verify up to 5000 identities per month (you can request an API key on the website directly). Or download it from github and give us a star 🌟 while you are there! Let us know what you think in the comments!

Looks interesting, and OSS! @bastien_botella1 Waiting for the security audit results!

Congrats on the launch ! Looking forward to test it

I never comment on things but super excited, we are building an integration framework leveraging the Serverless.com framework and I’m 90% certain we’ll be rolling this into our framework and our own platform we’re building. Awesome.

Application security is an evolving thing. We went from asking a long password, to enforcing some rules about special characters, to password managers so you don't have to remember all passwords. Next move? Passwordless authentication :) You already saw it on your favorite apps, now it's your turn to implement it and your own. With NoPass.me, in a couple of minutes your application is secured. And it's even open source!

Seems really interesting to reduce bounce rates at signup forms & offer frictionless privacy to end-users. I'll try it out!

Simple and efficient. Congrats for the launch!

Congrats on the launch ! Looks exciting. Just one question, what is the waiting list about if we can install it right away ?