RFC-001 Implementation

Advanced Out-of-Band Passwordless Authentication

Replace passwords and OTP codes with device-bound public key cryptography. Secure by design.

Interactive DemoEnroll Device

Passwordless

No passwords. No SMS OTP. Just your cryptographic key.

Device-Bound

Keys are bound to your device — cannot be phished or stolen remotely.

Ed25519 / P-256

Government-grade elliptic curve cryptography for every authentication.

Out-of-Band

Verification happens on a separate channel from login, preventing MITM.

How AOTP Works

1

Login Request

Browser → Server

2

Create Challenge

32-byte nonce

3

Push to Device

Out-of-band

4

User Signs

Ed25519 / P-256

5

JWT Session

Authenticated!