PicKey.ai

@gaurav_upadhyay1 Huge congratulations on the launch, Gaurav & Soumya 👏

How do I know the makers?

I first came across PicKey last year when the founders reached out and walked me through what they were building.

What immediately stood out wasn’t just the idea, but the depth of thought behind it, the craftsmanship, the user-first approach and the amount of work that had clearly gone into rethinking how password managers should work.

Why I endorse Pickey?

I’ve reviewed and used many password managers over the years and I’d honestly never seen one approach the problem from such a memory-based, visual-first angle.

Using personal photos as a master key felt surprisingly intuitive and the fact that the team went on to patent the underlying technology and build it with serious security standards really impressed me.

Most traditional password managers still rely on storing encrypted passwords and we’ve all seen how often those systems become targets. PicKey’s approach of not storing passwords at all is what makes it stand out as one of the more thoughtful and security-forward solutions I’ve come across.

I genuinely believe PicKey can be valuable for:

• Individuals who struggle with passwords

• Families and teams looking for safer access sharing

• And even security enthusiasts who want something beyond the usual vault model

Highly recommend giving it a spin! :)

@gaurav_upadhyay1 That's definitely something unique angle at password handling. Quick question, what happens if you lose the device ? Is there a way to restore the passwords or all necessary info to regenerate passwords is stored locally ?

@gaurav_upadhyay1 i like this, going to try it now.

@gaurav_upadhyay1 Gaurav this is a very novel auth model! How do you handle recovery and edge cases: for example, if a user loses access to their original photo, changes devices, or their visual recognition subtly degrades over time without re-introducing a traditional master password or weakening security?

@kate_ramakaieva the classic 'reuse rotation'! We know it well. 😅 Thanks for the support!

We actually built the 3D Collectables & XP System specifically to break that cycle.

We found that when security feels like a game—where you get to 'equip' a T-Rex or a Cyber-Ninja instead of typing a boring string—the good habits actually stick. 🦖🤖

Quick question to a fellow parent : Do you think they’d be more motivated by the Visuals (relatable photos as master passwords & collecting cool 3D characters) or the Achievements (leveling up their Security Rank/XP) in the Map?

@busmark_w_nika thank you!

Since your Master Key is a photo of a real object (like your watch, a toy, or your dog), you don't need to hide it in a safe. You just leave the object right where it belongs! An attacker might see your coffee mug, but they don't know it's the specific key to your digital vault. It’s the ultimate 'hiding in plain sight.' ☕️🔐

(We also keep an encrypted memory aid for you—locked behind your biometrics—just in case you forget which object you picked).

And this is the only photo you every need to remember, and use it to login to PicKey. Once you're in, PicKey will then manage all of your other passwords (tiktok, instagram, google, etc etc).

Alternatively, you also have the choice to store the photo in your cloud or device library, so that you can just see and remember it. However, taking live photo is generally better as it can simply hide in plain sight.

Does it answer your question? I'd be happy to clarify more or answer any follow-up questions you may have..!

@anishsharma absolutely. We're working on it and should be available in a few weeks.

Will be in touch.

You may have seen our intro video (link) as part of the PH launch here, which gives an very high level overview of PicKey. The in-depth video (or series of videos) will also be uploaded in forthcoming weeks on our YouTube channel (link).

I'll try and keep you in the loop too.

Quick Question : When you try new tools, do you notice design first or features first?

@anishsharma one more thing.

PicKey's iOS app (link) is carefully designed to be intuitive and explain most of the important aspects during onboarding. It will be great if you can try it out.

Let me know what you may thing of it. Any questions, concerns. I'd be more than happy to answer.

@catt_marroll Thanks for the comment.

we're fixing the website navbar issue.

Let me answer your questions.

a simple explanation / visual of how i actually log in to the password manager :You simply create a visual master password to login/signup to PicKey, using :

1. your favorite photo

2. a virtual 3D character (called collectable) on top of it.

This logs you into PicKey, which handles all of the password management from there on and autofills the passwords you've created/imported on both mobile and desktop. We've introduced this in the into video as well (link).

a simple explanation of how this is better.

It is better because :

1. Image based master passwords are stronger than text passwords used in traditional password managers due to higher combinations possible with image vs text. You only have 94 options per position for a text passwords (a-z, A-Z, 0-9 and special chars), whereas a single pixel in an image can have more than 4.2 billion values. The combinations in an image based passwords are practically infinite compared to text master passwords.

2. MagicPass passwords in PicKey are managed without ever being stored in any database (not even encrypted). This makes them even more secure as there is no data to attack.

3. Image based passwords are much easier to just see and remember. A long 16 digit strong text password will be much harder to remember. It is something that most users can actually use without worrying about mental overload of remembrance.

probably some reassurances around how this is not susceptible to whatever the first attack vector i think of is.

Other than the practically infinite image based entropy and points mentioned above, here are other security protocols that make PicKey's architecture secure :

• Phishing-resistant deep links

• On-device verification

• Short-lived PKCE-style OAuth flows

• Biometrics

• AES-256-GCM Cipher

• Secure KMS

• Least-privilege architecture

• End-to-end encryption

You only need to upload or select your photo when you login/signup to PicKey (which is an infrequent event and is generally valid for a long time barring some verifications).

We've found that most young adults do not use password managers or reuse older passwords, mainly because there is no motivation towards good secure habits. Our gamification is aimed towards rewarding good personal cybersecurity habits (like giving free access to PRO plans if one keeps strong passwords).

All of these are relevant questions, and I'd be happy to answer any followup questions that you may have. Our aim is to keep all of the cybersecurity fundamentals strong, but also make it usable to the people who need it the most.

@nuseir_yassin1 thanks for the question.

Our Neural Network is trained on Semantic Understanding, not just pixel-perfect matching.

It understands the "concept" of your photo (memory of it instead of the exact pixel data). Small variations in pose, lighting, or growth are automatically handled by the model's tolerance layers.

Similar to how you recognize your living room each day, even if things change regularly in it.

If the visual change is drastic or you'd like more keys, you can create or update your Master Key(s) using your trusted device credentials.

Will be happy to answer any follow-up question you may have on this.

@zerotox haha! you got it.

But in all seriousness, maybe "one master password to rule them all" thinking is what is preventing adoption of password managers by those who actually need it the most.

I can bet that nobody wakes up in the morning and feels excited about memorizing master passwords filled with uppercase, lowercase, special characters, numbers and 16 digit long sequences.

Which side of the bet are you on :)

and thanks for your support. It means a lot.