N-SSO

Passwordless single sign-on

Eliminate passwords across your web applications, and the reset tickets, lockouts and phishing exposure that come with them.

The problem

Passwords are your biggest helpdesk cost and your biggest hole

Every application with its own password means reset tickets, forced rotation policies, lockouts — and users who cope by reusing the same password everywhere. The IT team pays for it in tickets; the security team pays for it the day one of those reused passwords leaks.

The solution

One tap on the phone replaces every password

Users open an application, get a push notification, and approve with a tap (plus fingerprint or face check if you require it). Authentication is a digital signature from a key held in the phone’s hardware: there is no password to forget, phish, or reuse.

The SSO service speaks SAML and OAuth, so existing web applications connect without code changes. An AD FS plugin covers the Microsoft stack.

  • SAML and OAuth out of the box
  • AD FS plugin for the Microsoft stack
  • Per-service security policies: biometrics, PIN, geolocation
  • WordPress two-factor plugin available
notakey-appliance / service settings
The appliance console for a single SSO service: its security level, OpenID Connect configuration and the branding shown to users on their phone.

How it works

From zero to protected

  1. 01

    Connect your applications

    Point your SAML- or OAuth-capable applications at the Notakey SSO service. No application code changes.

  2. 02

    Users enroll once

    Each user onboards their phone against your Active Directory or LDAP. Security policies (biometric check, PIN, geolocation) are yours to set per service.

  3. 03

    Logins become approvals

    Every login is a push notification the user approves on the phone. Every approval is a signed, timestamped event in the audit log.

See your first passwordless login this week

A 30-minute call with an engineer, not a sales deck. We’ll map your VPN, SSO or Windows setup to a working pilot.