Password Managers vs heylogin
Passwordless Login Experience
For a passwordless login experience, until now companies could only connect their SaaS solutions with a Single Sign-On (SSO) service, such as Okta or Duo. This more than doubles the required software budget, well documented at sso.tax. Even if the budget is available, many websites do not support SSO functionality. For social media, government agencies, shopping portals and similar sites, only password managers remain as a solution. Solutions, like 1Password, LastPass and Dashlane require users to come up with a particularly complex master password that needs to be typed in regularly.
heylogin solves this problem. Although we are technically a password manager, we offer the login experience of a modern single sign-on.
Swipe-to-Login replaces Master-Password
Legacy password managers require users to remember and regularly enter a Master Password. A Master Password must be complex and kept private, as it is the single secret to all information. This allows attackers to guess the user's password by trying a lot of variations, called an offline brute force attack. To protect against these attacks, a second factor is required. Legacy password managers only provide these as an optional feature, which is rarely activated since it makes their usage inconvenient.
With heylogin, a Master Password is no longer necessary. Instead, we use the secure element present in modern smartphones to provide our "Swipe to Login". Secure elements are security chips that protect secrets against unauthorized access and brute force attacks. This makes heylogin two-factor secure by design because logins are protected by the smartphone (1. factor: posession) and the security mechanism on the smartphone itself (2. factor: PIN/bioemtric). heylogin is not just more secure, it's also easier to use.
Comparison of login solutions
2) Dashlane and LastPass only synchronize with a delay or when updating via button. KeePass must be synchronized manually.
3) 2-factor security in system solutions is either not available or only works if smartphones of the provider are also used.
4) Conventional password managers are only protected with a master password (knowledge) by default. Factors of possession and biometrics are optional and result in a degraded user experience.
5) SSO solutions are only passwordless when properly configured or when using modern solutions (e.g. Hypr).
*All prices plus VAT