Passwordless Authentication for Every App

Add passkey login to your website in minutes. No passwords, no friction, no compromise.

Get Started Try Live Demo
Developer laptop showing a login page with a fingerprint authentication overlay

Passwords Are the Problem

Passwords are the most exploited vulnerability online—leaked, phished, and forgotten daily. Traditional 2FA adds a second step that frustrates users and drives them away. Studies show 50–90% of registrations are abandoned, and lost credentials silently kill engagement while burdening support teams.

MasterKey2 replaces all of it with a single biometric action—fingerprint, face, or security key. No passwords, no second step, no user setup. Multi-factor authentication in one touch.

Why MasterKey2?

Zero Passwords

Authenticate with fingerprint, face, or security key. No passwords to leak, phish, or forget.

Drop-In Components

Add <masterkey2-authenticate> or <masterkey2-register> to your HTML. Browser detection and QR fallback handled automatically.

Phishing Resistant

Credentials are cryptographically bound to your origin. They can't be intercepted, replayed, or phished—even on compromised networks.

Cross-Device QR

Desktop users scan a QR code with their phone. Works everywhere, including Firefox.

Framework Agnostic

Web components, JavaScript API, or event-driven. Works with vanilla JS, React, Vue, Svelte, Astro.

Managed or Self-Hosted

We handle the infrastructure, or deploy on your own servers.

How It Works

Step 1

Load the SDK

<script type="module"
  src="https://auth.example.com
       /sdk/masterkey2.js">
</script>
Step 2

Drop in a component

<masterkey2-authenticate
  api-base-url=
    "https://auth.example.com">
</masterkey2-authenticate>
Step 3

Handle the event

el.addEventListener(
  'success', (e) => {
    location.href =
      e.detail.redirectUrl;
});
Sequence diagram showing Browser, Your Server, and MasterKey2 interaction during a WebAuthn ceremony

Built on Web Standards

WebAuthn / FIDO2 at its core. No shared secrets cross the network. Phishing-resistant by design—credentials are bound to the origin.

Padlock constructed from circuit board traces, glowing blue

Three Ways to Integrate

Pick the approach that fits your stack.

Web Components

Zero-JS HTML. Drop in a custom element, add attributes, done. Works with any framework or none.

JavaScript API

Full programmatic control. Callbacks or promises for passkey login, QR auth, and registration.

Event-Driven

Decoupled event listeners for React, Vue, Svelte. Multiple components reacting to the same auth events.

 
<!-- Five lines. That's it. -->
<script type="module"
  src="https://auth.example.com/sdk/masterkey2.js">
</script>
<masterkey2-authenticate api-base-url="https://auth.example.com">
</masterkey2-authenticate>

Ready to go passwordless?

Read the Docs Try the Live Demo