Strong authentication, without the passwords

Would you recommend this product?
1 Review5.0/5
Big thanks for the hunt @haynes_dave! Hi PH! Authentiq uses OpenID Connect and offers a simple and safe way to move beyond passwords. Stan and I started working on Authentiq to address issues we experienced as developers but also as users of services on the web: - managing passwords is painful and not very safe and 2-step verification is a hassle. - registration on new services is a chore as a user, and for web services a hurdle in user onboarding. - we feel that user profiles should ideally not be stored centrally / in the cloud at all. With our mobile app, Authentiq ID, you can create a verified ID on your phone and use this to sign in safely with just a touch. No personal data is stored in centrally, it's only exchanged with your consent, and cryptographic keys never leave your phone. As Authentiq is based on open standards like OAuth and OIDC, developers can quickly integrate it as an alternative to passwords and 2-step verification methods: it's as easy as adding a "sign in with Google / Facebook" button, and we already integrated Authentiq in some much used frameworks. Authentiq will be free for end users and for basic identification and authentication on websites. Let us know what you think! - P
A long unsolved problem - now SOLVED! Great stuff - quick question, what kind of integrations do you have as of now?
Oh, and how do you address privacy?
@oplante We currently have integrations for Ruby (OmniAuth), Python (Flask/OAuthlib), NodeJS (PassportJS, MeteorJS), PHP (League & Zend). See our repository for some examples: We're just about to release Wordpress as well (sign up to follow the progress). Also, what integration should be next on our list?
@oplante Great question Olivier. A lot of thought went into that one at Authentiq. First of all we do not store any private data centrally, and store it on your phone instead. And upon signing in or signing up to a service, you are in control over what data you share with the site/service you are visiting. Full control over your Identity and Privacy is one of the main pillars of Authentiq.
@oplante ...and with the upcoming EU data protection regulations (GDPR, May 2018), "privacy" will be a more tangible value-add for companies too
@stannie in deed! It'll be key!
Nice one! This truly looks like it could be a replacement for Clef when you get the WordPress plugin out there! Have signed up in anticipation. PS. The onboarding was very straightforward ๐Ÿ˜„
@craigcpaterson we definitely want to get the WordPress plugin out asap, and it will be a very straightforward to use as a Clef replacement, with some improved features following shortly too. If you'd like to help and beta test the plugin, do let me know!
@stannie Great news. I'd definitely be up for helping with testing.
Sounds interesting! Curious about what happens when I lose/break my phone? How would I switch to a new device? (Asking because it just happened to me that I lost access to my 2FA app on my phone - restoring access to all the services was a huge pain..)
@tauno Good one. And we put a lot of thinking in that one as well. So in the Authentiq ID app you can have encrypted backups, which can be restored if you lose access to the app or migrate to a new device. To initiate this, you scan a QR code with the backup key, and we are considering other options as well. Bonus is that you can also store your 2FA codes in the AuthentiqID app, which will be saved in the encrypted backup too. Finally, you can completely revoke your ID if really needed, and rebuild your identity, which - depending on the security levels the websites insist on - may involve some more hassle. Give it a try and let us know what you think!
Great work!