Simplify & Secure Your Online Life with Zeylink

Tired of Password Overload? Say goodbye to the endless cycle of forgotten, invalid, and insecure passwords for most of your online accounts. Zeylink drastically reduces your need for them, making your digital life simpler and more secure.

How it works:

Logging in with Zeylink is simple and fast, automatically handling new users, existing logins, and even password resets through the same streamlined process:

On any Zeylink-enabled website, simply click login with Zeylink.
Scan the unique QR code that appears with your Zeylink app.
Enter a randomly generated 4-character PIN displayed in your app.
You're instantly in! No usernames or complex passwords to remember for daily logins.

Zeylink Benefits:

You're in Charge: Zeylink isn't another company logging in for you. It's your personal keychain, giving you direct, secure access to your accounts on their websites. Your identity remains with the websites you trust.
Significantly Fewer Passwords: Focus your strong, unique passwords only on crucial master accounts (like email).
Isolate Security Breaches: Each Zeylink login creates a unique, site-specific credential. If a website you use ever suffers a breach, only that site is affected – your other accounts remain secure, unlike traditional password methods where one leak compromises many.
Stronger Protection: Greatly enhance your security against common online threats like credential stuffing and data breaches.
Phishing Resistant: Our unique login process makes phishing significantly more difficult compared to traditional password methods- there is no password to steal!
Complete Privacy: We never collect or sell your data. Your information remains just that: truly yours.

At Zeylink, we believe your online experience should be effortless and inherently secure. By fundamentally rethinking how you access websites, we provide a solution that truly puts your privacy and protection first. Embrace a simpler, safer way to connect online.

Zeylink - Where Privacy meets Security.

Zeylink: The Future of Login.

Tired of password headaches, user churn, and the constant threat of account fraud?

Traditional authentication is broken. Users battle forgotten passwords, leading to frustration, support calls, and churn. Simultaneously, rampant password reuse and shared accounts (streaming, gaming, etc.) pose significant security risks and drain revenue from your platform.

Zeylink fundamentally re-imagines user authentication. It eliminates traditional passwords, offering a seamless, secure login experience that integrates directly with your existing user accounts.

How Zeylink Works for Your Users:

Zeylink orchestrates a secure, multi-stage login and registration process where your website remains the ultimate authority for user identity:

Initial Request & QR Code:
- User clicks "Login with Zeylink" on your website.
- Your site generates a unique 32-byte session ID nonce and displays a QR code. This QR contains the "zeylink://login?url=" your site's API endpoint, and the nonce.
- The user scans this QR code with their Zeylink app.
Website-Controlled Verification:
- For new users or account recovery, the app sends an initial request (including the user's email) to your site's backend.
- Your website then takes over identity verification: It sends a magic link to the user's registered email. This link, once verified by the user (via your site's 2FA or other means), leads to a QR code displaying the actual 32-byte secret key.
Secure Key Exchange & Connection:
- The Zeylink app temporarily stores an encrypted payload from your site.
- When the user scans the 32-byte secret key QR code (from the verified email), the app uses this key to decrypt the stored payload.
- Upon successful decryption, the app establishes its first fully authenticated (AES:GCM) connection, signaling registration completion and initiating secure key rotation.
Effortless Returning User Login:
- For returning users, the app (already holding the secret key) establishes a direct, secure connection to your site's backend upon scanning the initial QR code.
- Your backend generates and securely sends a 4-digit PIN to the app. The user confirms by entering this PIN into the website.
- They're instantly logged in—no usernames, no passwords, no reset emails.

Core Benefits for Your Platform:

Eliminate Password Friction: Drastically reduce password reset requests, improving user satisfaction and cutting support costs for returning users.
Unrivaled Security: Built on advanced, constantly rotating cryptography (perfect forward secrecy) with server-generated, single-use PINs. This neutralizes credential stuffing, brute-force, and offline cracking.
Combat Account Sharing & Fraud: Our unique single-device authentication ensures only the intended user can access their account, directly combating unauthorized sharing and reducing fraudulent activity—critical for subscription-based models.
Powerful Anti-Phishing: Automatically enforces IP address matching for direct link logins (e.g., email/SMS), making sophisticated remote phishing attempts virtually impossible.
Minimize Data Breach Risk: By eliminating static passwords, Zeylink drastically reduces the most common vector for credential theft from your systems.
Streamlined User Journey: Offers frictionless login for returning users and a clear, secure framework for new user registration and account recovery, empowering your site to build an intuitive experience.

A Complementary & Powerful Integration

Zeylink isn't another Identity Provider (IdP) that takes control of your user data. Instead, it functions as a highly secure, personal digital keychain for your users' existing accounts on your platform.

This means:

You Retain Control: Your website remains the central point of truth for user accounts and identity management. Zeylink provides the secure mechanism for users to access their accounts on your site, only after your site's own identity verification.
Decentralized Security: The app itself is decentralized, giving the user control over their secure credentials, which are unique for each website and never revealed to the user.
Website-Driven Credential Issuance: Zeylink's security fundamentally relies on your website's robust identity verification methods (e.g., email, 2FA) to issue the initial 32-byte secret key, ensuring only legitimate users can establish a secure connection.

The Integration Advantage for Your Platform:

Our core API is free to integrate and use, providing immense value to your ecosystem at no additional cost to your business.
We provide robust documentation and PHP support files designed for easy, drop-in deployment (with minor configuration).
Community Support: While I (the developer) am dedicated to providing assistance, we foster a supportive Discord community for peer-to-peer help, ensuring a smooth deployment journey.

Please email support to request access to the API

Let's Build a More Secure Future, Together.

Zeylink is ready to redefine authentication, creating a safer and simpler web experience for millions. We are actively seeking strategic partnerships with innovative online platforms and service providers to embed Zeylink's revolutionary authentication. This will enhance security, reduce your support costs, and protect your revenue.

For any further questions or to discuss advanced integrations, feel free to connect with:

Eric Tiley, Founder

LinkedIn Support@Zeylink.com

Support

Everytime I setup a new device, my old one becomes desynced.

Yes! Part of our security for the app is that it can only run on one device. The reasoning is simple; if you have multiple keys lying around, you might forget about, or lose one. Imagine that you lose or let a friend borrow a device that has your keys on it. Next thing you know, someone is logging into your accounts.

How do I add other email addresses to my account?

Currently there is no way to add any additional email addresses to your account. It is currently undetermined if or when that feature will be implemented. If this is a feature that many people would want, then let me know in the discord page linked below.

My device keeps desyncing. It's the only device that I am using.

If your device keeps desyncing, and you do not have notifications turned on, or you do and you keep getting a message saying another device has been activated, you will want to secure your email. To do so, first make sure that your email is logged out of all devices, and then change the password on your email account.

My device is unable to sync with a website

If your device is unable to sync with a website, you will need to contact that website for support. Unless that website is Zeylink.com, the Zeylink app just stores the login keys like a keychain. We have no access to the individual keys, or have any influence over them.

My device has been stolen or lost!.

You can deactivate your account on that device by either adding your account to a new device, or by clicking: Deactivate a Device

I need assistance with my Zeylink account

You can contact us at support@zeylink.com. Please be sure to send your message from the same email address associated with your account. For security reasons, we cannot assist with requests sent from a different email address.

I need further assistance implementing the API or reporting Bugs.

You may check out our discord. There are other people there asking questions and helping each other out. If there are any bugs, you can post them there, or just have questions or need help with some API stuff. Important: Do not share any personal information or secure information about your website. This may include but not limited to usernames or passwords. Click For Discord

Showcase

Here you can check out how logging in works and get an idea of how it would look on a website.

This is only a light weight login for showcasing purpsoses only.

Remove Device

Here you can remove your account from a device.
Simply enter in the email on the account.

Retype Email

Request Complete.
Please check your email for next steps.