We're now live! Signup now

Serverless Passkeys

Frictionless multi factor authentication for web apps. Passkeys are the future and with Passlock you can be up and running in 30 mins - for free! 😎

App screenshot Passkey being used to sign in to GitHub

Why passkeys?

Secure, frictionless authentication

Passkeys are a replacement for passwords. Passkeys verify identity using public key technology, along with facial recognition, fingerprint scanning or PINs.

Supported by Apple, Google & Microsoft

All the major browsers now support Passkeys. Native biometric authentication is provided by Face ID, Touch ID, Windows Hello & others.

Learn more

No more password policies 😍

Infosec practitioners love them, but users hate them. Passkeys eliminate the need for complex password policies, to the certain delight of your users.

Learn more

Multi-factor authentication

Ditch email & SMS codes. Forget Google authenticator. Passkeys make secondary authentication factors redundant.

Learn more

Cross-device authentication

Use Face ID on an iPhone to sign in on a desktop browser. Passkeys deliver a streamlined sign in experience across multiple devices.

Learn more

Immune to phishing

Even if the user wants to, browsers won't use a passkey for anything other than the intended site, negating one of the easiest attack vectors.

Learn more

No more forgotten passwords

Private keys can be synced to a user's cloud account e.g. iCloud. Alternatively a backup device can be used for account recovery.

Try Passlock yourself

Passkeys Demo

Note: Your data will be deleted from our servers after 60 minutes. However, your client side Passkey will remain on your device/keychain unless you manually remove it.

>
Register.js
Login.js
const passlock = new Passlock({ tenancyId, clientId })

// send token to your backend for verification
const { token } = await passlock.registerPasskey({
  email: form.email.value,
  givenName: form.givenName.value,
  familyName: form.familyName.value
})

Why Passlock?

Passkeys in under 30 minutes

We've made it really easy to add primary and multi factor authentication to your web apps using FIDO passkeys. You really can be up an running in under 30 minutes!

Simple.
You don't need to know the underlying WebAuthn API or FIDO specs. We handle all the cryptographic stuff for you.
Use ANY frontend.
The Passlock client library is framework agnostic, working with anything from vanilla JS through to React/Redux.
Secure.
We run on AWS, utilizing many of their enterprise products to protect the confidentiality, integrity and availability of your data.
Choose ANY backend.
Node, Python, Go or .NET - it doesn't matter. If you can call a REST endpoint or handle a JWT, you're good.
No vendor lock in.
Migrate to another platform or in house solution at any time with full export capabilities, including public key credentials.
Nest.js Python NEXT.js NUXT js GoLang MS .NET

Plus many other frameworks

Coder wearing headphones in a co-working environment

How it works

As easy as social sign-in

Our frontend library returns a token that you send to your backend for JWT or REST verification.

Passkey registration

  • registerPasskey() - Returns a token that you send to your backend as part of your registration process.
  • Verify the token. Your backend code verifies the token is authentic by calling our REST API.
  • Link the Passkey ID. Link the Passkey ID with a user in your database.

Frequently asked questions

Passlock is free for personal and commercial use.

Want product news and updates?

Sign up for our newsletter

We care about your data. Read our privacy policy .