Verifying user identities requires writing tedious, repetitive code, risking catastrophic security breaches π±. With NoPass.me, an open-source MFA verification solution, securely send and verify One-Time Passwords and ensure users are who they say they are!
Hello Product Hunt!
And thanks Nicolas for hunting us! β€οΈ
We are super happy to introduce NoPass.me, an Open-Source, Accountless, Multi-Factor Authentication API. Let me explain all these words π
NoPass.me is an open-source, freemium SaaS or self-hosted API, that lets you verify that a user is who they say they are. When a user registers on your website or service, you would call the API to generate and send them a random code, then verify it. Security and confidentiality is built-in: no user is created in any persistent database, no personal data is stored, no password is stored in clear text, everything is done automagically for you.
We strongly believe that transparency is the key (no pun intended) to all security projects. You can not say that your project is secure yet have it closed-source. We're happy to have you look at our code on https://github.com/Clevyio/nopas... and tell us where we are wrong!
The word Accountless is also very important to us. Most similar services will store and persist user accounts on their systems forever (usually in order to charge you per account). There is absolutely no reason to persist a user when all you want is to verify their account! This is why our design involves irreversibly hashing user data, never storing anything we don't need, and removing all data as soon as the security code is no longer valid.
Some of the most popular use cases are:
- Verify user identity when no other auth method is available, such as chatbots (our own primary use case!);
- Implement passwordless authentication by sending magic links to your users;
- Provide a second factor of authentication during signup/login flows;
NoPass.me is available for free for indie devs and startups to verify up to 5000 identities per month (you can request an API key on the website directly). Or download it from github and give us a star π while you are there!
Let us know what you think in the comments!
koinju
CSML Playground
koinju
CSML Playground
CSML Playground
LLC Toolkit
CSML Playground