Myki Authenticator

Login to any account on any device with your fingerprint

Myki is an offline password manager and authenticator that allows you to login to any account on any device by approving a login request on your smartphone. The main difference between Myki and cloud-based password managers is that your passwords are not stored in the cloud which allows myki to auto-fill 2fa tokens. + no master pass!

Around the web

Reviews

  • Nick NeumanProduct Manager, Grab
    Pros: 

    Secure, intuitive to use, very responsive team, frequent updates

    Cons: 

    Occasionally minor bugs (not enough to deter me from using), not as "polished" as 1Password

    I have been using Myki for ~6 months now. Myki is an excellent password app that has all the major features of the more popular apps with one big added bonus - it's essentially 2 factor authentication for all of your stored passwords, because you must have your phone with you to fill passwords on your computer (more on this later).

    Here's a quickie on how Myki works: You're using your laptop. You navigate to a website and need to fill in your password. A Myki prompt pops up, you click it, and then a notification shows on your phone to grant access. Tap "Grant" on your phone, use your fingerprint to authorize, and you're done! Myki fills the password on your computer.

    I've used 1Password for a long time now and generally think they are the best of the "big" password managers. However, I don't like the idea that if anyone stole my computer, they could try to guess my master password and then have access to all of my sensitive data. With Myki, they would need my computer AND my phone. You cannot get Myki to fill a password just from the Chrome extension, like 1Password, you always have to authenticate on your phone.

    Myki also stores passwords locally, which is a big plus for those of us worried about cloud hacks.

    We all know we have a big weakness in passwords. Randomly generated passwords via 1Password are great and help make our accounts more secure, but you still have to come up with a master password that you easily remember & type, which means it's likely that the password you need to be MOST SECURE is the EASIEST to guess! D'oh! Myki eliminates that inherent conflict by using your fingerprint as the passcode.

    On a final note, there are a few bugs in Myki since it's so new. But I keep an eye on the release notes, and they've been frequently knocking out bugs and improving the app. I run 1Password alongside it right now for convenience, but eventually once Myki has really built out its platform, I plan to fully switch over. I'd highly recommend you check this out, especially if you're a cyber-security freak like myself (which, who shouldn't be lately- gotta hodl those bubbly bitcoins).

  • Pros: 

    secure (decentralized system), useful sharing features, great interface easy to use

    Cons: 

    Safari extension and ipad compatibility still in the works

    Myki has become an indispensable tool in my day-to-day life. Now with the credit card integration i'm also using myki during my online shopping. Can't wait to see what's yet to come.

    Marylynn P. Antaki has used this product for one year.

Discussion

You need to become a Contributor to join the discussion - Find out how.
Antoine Vincent JebaraMaker@antoinejebara · Co-Founder & CEO | Myki (myki.co)
@nikosv Thank you for hunting us down. The Myki Password Manager & Authenticator is designed in a way that prevents hackers as well as governments from accessing your accounts. In our opinion, cloud storage of passwords, keys and certificates is convenient but constitutes a big security issue. Hackers shouldn't be able to compromise a publicly accessible server and as a result gain access to users credentials. Myki follows a different approach by creating a private cloud in your pocket. All of your passwords and keys are securely encrypted on your smartphone (secure backups are automatically made on other devices that you own in an ad-hoc manner). You can pair the Myki app with your computer browser by scanning a symmetrical encryption key (AES256 PBKDF2) generated by the browser extension. This create an encrypted P2P connection between your phone and your browser. When you need to login to an account on your computer, you receive a push notification to your smartphone. You can grant access from your mobile lock screen by using your fingerprint or a pin code. The passwords are then encrypted with the shared key (generated by the browser) and sent to the browser extension that decrypts them and injects them in the website. As a result of our unique architecture: - Our servers are only used as relay servers (they don't hold any sensitive information, we can't get subpoenaed, if our servers are compromised they don't hold sensitive users' data) - No master password needed (another password to secure all other passwords? Really?!) - Myki can pair and log you in on an unlimited number of computers. - Myki stores and auto-fills two-factor authentication tokens. - Myki can remotely log you out of any account on your computer from the myki app on your phone For more information about how myki works, visit: https://myki.co/privacy You can get the app on iPhone and Android from https://myki.co/download
Hal Gottfried@hgottfried · Founder, Level Up Labs
@antoinejebara seems similar to Toopher and others who have tried this. The sites still however have a username and password that can be compromised if that site is breached. I'm not sure how you're fixing that, you are making security much more convenient for the common person and increasing the use of 2FA. All good things.
Antoine Vincent JebaraMaker@antoinejebara · Co-Founder & CEO | Myki (myki.co)
@hgottfried Thank you for you comment! Actually Toopher, prior to their acquisition, was only compatible with websites that integrated with it. Myki works with any service online, it requires absolutely no integration with any service provider + Toopher only acted as a 2fa provider. Myki fills usernames, passwords and 2fa tokens just by approving a request from your smartphone. If a site is breached, we notify our users of the site breach through the app and give them an option to change their password. The idea is to stop thinking in terms of usernames, passwords and 2fa tokens, we want our users to think in terms of access. The only way to really increase security is to completely abstract the layer of authentication from end users and this is what we are working on at Myki.
Mohammad AwwadMaker@awwadeto · iOS Developer, Myki
With Myki, you can share access to your accounts with anyone without revealing your password. And whenever you decide to revoke access, the account will be removed from the user’s phone and he will be signed out from any device he’s logged into.
Rami Salman@rambunctious13 · Founder & CEO of Wrappup
Awesome app
Marylynn P. Antaki@marylynnpauline · Architect
It was about time Myki was hunted on Product Hunt and shared to all the community. I've been using Myki for quite some time now and I think it's by far the best password manager i've ever tried. And trust me i've tried quite a few since i've been suffering from one thing I think all millennial suffer from: an abundance of passwords and no memory recollection after creating them. Several services offered by the app have seduced me from the start like the remote logout, which I very often use when I forget to sign out from my accounts on my work desktop, and the automatic password generator which i use to make sure my password are strong enough. The best feature is the sharing center, where I can easily share my accounts without even revealing the passwords to the person i shared them to. How awesome is that. I also like the mood and vibes the app send you with its dark theme, it feels like i'm in the inside of a very secure and well hidden vault.
Roy BreidiHiring@roybrey · Co-founder at Shakepay
Myki is to traditional password managers what bitcoin is to traditional banking. You are in full possession of your own passwords/money. We've been using Myki at Shakepay for a while and we love it. Well done!