Auth0 Introduces passwordless authentication

Oct. 2, 2015
New features make it easy for subscribers to ditch passwords and enable their users to log in with just an email account or mobile phone

Bellevue, Wash. – Wednesday, September 30, 2015 Auth0, the leading universal identity platform, today introduced passwordless authentication, allowing developers to quickly and easily implement secure authentication for their apps without the need for passwords. Passwordless authentication through Auth0 uses email, SMS or Apple Touch ID to replace a username and password for any application. Also released today is Auth0’s ‘Lock Passwordless’ - a free login box widget for software developers that can be integrated into any web, native or mobile application with just a few lines of code, almost effortlessly enabling use of a fingerprint or one-time access code or link.

 “Passwords can be easily forgotten or stolen,” said Auth0 CEO, Jon Gelsey. “By eliminating the need for users to remember passwords, developers and IT professionals can reduce hassles for their users, greatly increase the security of their apps, APIs and IoT devices, and accelerate user acquisition. Now, any application can easily incorporate simple yet strong multifactor identity security.”

 Passwordless authentication uses either a fingerprint, a temporary secret link, a temporary secret code, or a combination of the three to allow access and authenticate a login. The link or code is sent to a user’s verified email address or phone number, or is displayed on an authenticator app on their phone. The link or code expires after a few minutes, ensuring that others cannot gain access if the code becomes compromised. In addition, OS native fingerprint identification can also use the fingerprints of a pre-registered user to log them in. Email, SMS and Touch ID passwordless authentication can be implemented with just a few lines of code and Auth0’s cloud platform, and can be combined with other features such as multifactor authentication.

 “Human error associated with passwords is a common entry point for hackers to exploit. The prevalence of easy-to-guess passwords or passwords compromised through exploits is low-hanging fruit for black hats,” Gelsey continued. “Passwordless authentication makes access more secure, while removing the burden of remembering and typing a strong password on a phone.”

 Auth0’s goal is to make secure identity implementation and management easy for developers and IT professionals. Auth0’s passwordless authentication can be used with any identity provider or application, making the migration away from traditional passwords extraordinarily simple. This announcement is the latest addition to Auth0’s comprehensive and ever-growing universal identity security platform which also helps subscribers implement single-sign-on (SSO), multifactor authentication (MFA), and much more across any application, API or IoT device.                

About Auth0

Auth0 is identity made simple for developers. The company, a universal platform for authentication and authorization, makes it easy for developers to implement even the most complex identity solutions for their web, mobile and internal applications, APIs and IoT devices. Auth0 enables developers and IT staff to easily and securely set up social and enterprise identity provider registration and login, username and password, single-sign-on, multifactor authentication and more. Subscribers include more than 20,000 companies ranging in size from small startups to large enterprises in more than 150 countries around the world.  Auth0 is headquartered in Bellevue, WA. Investors include Bessemer Venture Partners, K9 Ventures, Founders Co-Op, Portland Seed Fund and NXTP Labs, and the company is financially backed by Silicon Valley Bank. For more information visit https://auth0.com or follow @auth0.