More than just advanced authentication technology

No usernames
No passwords
Zero-knowledge privacy

WWPass technology image

Traditional Login Pitfalls

User’s identification and verification are based on a vulnerable combination of usernames and passwords, a "something you know” factor.

What's wrong with usernames?
  • People use the same username — which is often their email address for many accounts
  • For web-based cloud applications, a well-known email address is an easy entry point for hackers
What's wrong with passwords?
  • The majority of people use 3 to 5 different passwords to protect all accounts
  • Websites receive plaintext password values during authentication, which is a fundamental flaw of the most commonly employed password verification schemes
Various login/password forms

What's wrong with traditional 2nd-factors

Traditional 2nd-factors like OTP, SMS and others are often used as additional user verification. In reality, this only verifies a user if they have the device or account on-hand.

Traditional 2nd-factors are:
  • Based on usernames and passwords
  • Not always secure
  • Difficult to recover
  • Inconvenient for end-users
  • Not universal
  • Poorly scalable
Phone with text code

No Usernames, No Passwords —
No Phishing, No Identity Theft

Traditional Login with Multi-Factor Authentication

  • User Identification is always a starting point of a login
  • "Something you know" factor
  • Created by the user and stored by a website/application
  • Need to be protected with 2nd Factor
  • Not convenient, not always secure

WWPass Login without Username and Password

  • No Usernames, No Passwords
  • User Identity is the result but not a starting point of login
  • "Something you have" factor
  • PUID (Protected User Identifier) is a random number created by the website/application, assigned to the user, stored in the encrypted form by WWPass
  • Universal, convenient and very secure

Protected User Identity — PUID

WWPass creates user identification based on PUID, which is a unique string of randomly generated numbers attributed to a particular service.

Encrypted and distributed

All PUIDs stored by WWPass are always dispersed and client-side encrypted at rest and in transit.

Zero-knowledge

WWPass stores all digital identities in a number of datacenters. No single datacenter stores enough information to decrypt data.

WWPass phone

WWPass login — How does it work?

Users don't send any credentials to WWPass or applications, which means credentials cannot be stolen. All cryptographic operations take place on the user's device.

  1. Start of Login with WWPass Key

    A user presents a WWPass Key to log into a website or an application

  2. Key identification and verification

    WWPass authenticates both the Key and the application. Once authenticated, WWPass combines the Key and the application to create a pointer to a unique data container located in the geographically-distributed WWPass Network.

  3. Supply of user identifier — PUID to Service Provider

    WWPass sends the information stored in the data container to the application via a secure communication channel.

  4. User identification and authorization

    The application verifies the information received from WWPass and logs in the user. The user's identity is non-transparent to any potential attacker.