Simplify & Secure Your Online Life with Zeylink

Tired of Password Overload? Say goodbye to the endless cycle of forgotten, invalid, and insecure passwords for most of your online accounts. Zeylink drastically reduces your need for them, making your digital life simpler and more secure.

How it works:

Logging in with Zeylink is simple and fast, automatically handling new users, existing logins, and even password resets through the same streamlined process:

On any Zeylink-enabled website, simply click login with Zeylink.
Scan the unique QR code that appears with your Zeylink app.
Enter a randomly generated 4-character PIN displayed in your app.
You're instantly in! No usernames or complex passwords to remember for daily logins.

Zeylink Benefits:

You're in Charge: Zeylink isn't another company logging in for you. It's your personal keychain, giving you direct, secure access to your accounts on their websites. Your identity remains with the websites you trust.
Significantly Fewer Passwords: Focus your strong, unique passwords only on crucial master accounts (like email).
Isolate Security Breaches: Each Zeylink login creates a unique, site-specific credential. If a website you use ever suffers a breach, only that site is affected – your other accounts remain secure, unlike traditional password methods where one leak compromises many.
Stronger Protection: Greatly enhance your security against common online threats like credential stuffing and data breaches.
Phishing Resistant: Our unique login process makes phishing significantly more difficult compared to traditional password methods- there is no password to steal!
Complete Privacy: We never collect or sell your data. Your information remains just that: truly yours.

At Zeylink, we believe your online experience should be effortless and inherently secure. By fundamentally rethinking how you access websites, we provide a solution that truly puts your privacy and protection first. Embrace a simpler, safer way to connect online.

Zeylink - Where Privacy meets Security.

Zeylink: The Future of Login.

Tired of password headaches, user churn, and the constant threat of account fraud?

Traditional authentication is broken. Users battle forgotten passwords, leading to frustration, support calls, and churn. Simultaneously, rampant password reuse and shared accounts (streaming, gaming, etc.) pose significant security risks and drain revenue from your platform.

Zeylink fundamentally re-imagines user authentication. It eliminates traditional passwords, offering a seamless, secure login experience that integrates directly with your existing user accounts.

How Zeylink Works for Your Users:

Zeylink orchestrates a secure, multi-stage login and registration process where your website remains the ultimate authority for user identity:

Initial Request & QR Code:
- User clicks "Login with Zeylink" on your website.
- Your site generates a unique 32-byte session ID nonce and displays a QR code. This QR contains the "zeylink://login?url=" your site's API endpoint, and the nonce.
- The user scans this QR code with their Zeylink app.
Website-Controlled Verification:
- For new users or account recovery, the app sends an initial request (including the user's email) to your site's backend.
- Your website then takes over identity verification: It sends a magic link to the user's registered email. This link, once verified by the user (via your site's 2FA or other means), leads to a QR code displaying the actual 32-byte secret key.
Secure Key Exchange & Connection:
- The Zeylink app temporarily stores an encrypted payload from your site.
- When the user scans the 32-byte secret key QR code (from the verified email), the app uses this key to decrypt the stored payload.
- Upon successful decryption, the app establishes its first fully authenticated (AES:GCM) connection, signaling registration completion and initiating secure key rotation.
Effortless Returning User Login:
- For returning users, the app (already holding the secret key) establishes a direct, secure connection to your site's backend upon scanning the initial QR code.
- Your backend generates and securely sends a 4-digit PIN to the app. The user confirms by entering this PIN into the website.
- They're instantly logged in—no usernames, no passwords, no reset emails.

Core Benefits for Your Platform:

Eliminate Password Friction: Drastically reduce password reset requests, improving user satisfaction and cutting support costs for returning users.
Unrivaled Security: Built on advanced, constantly rotating cryptography (perfect forward secrecy) with server-generated, single-use PINs. This neutralizes credential stuffing, brute-force, and offline cracking.
Combat Account Sharing & Fraud: Our unique single-device authentication ensures only the intended user can access their account, directly combating unauthorized sharing and reducing fraudulent activity—critical for subscription-based models.
Powerful Anti-Phishing: Automatically enforces IP address matching for direct link logins (e.g., email/SMS), making sophisticated remote phishing attempts virtually impossible.
Minimize Data Breach Risk: By eliminating static passwords, Zeylink drastically reduces the most common vector for credential theft from your systems.
Streamlined User Journey: Offers frictionless login for returning users and a clear, secure framework for new user registration and account recovery, empowering your site to build an intuitive experience.

A Complementary & Powerful Integration

Zeylink isn't another Identity Provider (IdP) that takes control of your user data. Instead, it functions as a highly secure, personal digital keychain for your users' existing accounts on your platform.

This means:

You Retain Control: Your website remains the central point of truth for user accounts and identity management. Zeylink provides the secure mechanism for users to access their accounts on your site, only after your site's own identity verification.
Decentralized Security: The app itself is decentralized, giving the user control over their secure credentials, which are unique for each website and never revealed to the user.
Website-Driven Credential Issuance: Zeylink's security fundamentally relies on your website's robust identity verification methods (e.g., email, 2FA) to issue the initial 32-byte secret key, ensuring only legitimate users can establish a secure connection.

The Integration Advantage for Your Platform:

Our core API is free to integrate and use, providing immense value to your ecosystem at no additional cost to your business.
We provide robust documentation and PHP support files designed for easy, drop-in deployment (with minor configuration).
Community Support: While I (the developer) am dedicated to providing assistance, we foster a supportive Discord community for peer-to-peer help, ensuring a smooth deployment journey.

Please email support to request access to the API

Let's Build a More Secure Future, Together.

Zeylink is ready to redefine authentication, creating a safer and simpler web experience for millions. We are actively seeking strategic partnerships with innovative online platforms and service providers to embed Zeylink's revolutionary authentication. This will enhance security, reduce your support costs, and protect your revenue.

For any further questions or to discuss advanced integrations, feel free to connect with:

Eric Tiley, Founder

LinkedIn Support@Zeylink.com

Support

When I setup the app, it doesn't require an email?

Yes, that is correct! We wanted to create an account free experience, and set the stage to show that your privacy is just that; yours. There is no email required, so there is no way to track you, no way to collect or sell your information, nor anyway to blacklist you. Too many companies now days want to control what you can and cannot do, where you can and cannot go. This is not our philosophy. We are a credential verifier. That is it. We do not get to decide where you go or what you do.

How about cloud backup?

With our cloud backup, you will need to create an account. This will be used to store your data and retrieve your data. We do reserve the right to blacklist you from our cloud service if you misuse the service. Additionally, you will create a password. This password is actually used to encrypt your data on the device side. Because of this, we cannot see what your data is. That is your privacy. But this also means that if you lose or forget your password, there is nothing that we can do to help you recover your data. So don't forget your password!

How do I log into more than one account on a site?

Currently there is no way to add additional logins for the same website. If there is a high demand for an option to have additional logins, then we can integrate that.

My device is unable to sync with a website

If your device is unable to sync with a website, you will need to contact that website for support. The Zeylink app just stores the login keys like a keychain. We have no access to the individual keys, or have any influence over them.

My device has been stolen or lost!.

We do not have account information, so there is no way to remove the keys from the app remotely through our app, but instead you should reset your entire device through the correct corresponding website as there are many apps on your device that can give login access, ie: email, authenticator, phone sms, etc. Deactivate Apple Device Deactivate Android Device

I need assistance implementing the API

You can contact us at support@zeylink.com. Please allow us up to 24 hours to respond back to you.

Privacy Policy

Last Updated: February 2026

Zeylink ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we handle specific hardware permissions and data within the Zeylink mobile application.

1. Camera Access

Zeylink requires access to your device's Camera specifically to facilitate the scanning of QR codes for secure authentication.

Scope of Use: The camera is used solely for local image processing to decode QR data.
Storage & Sharing: We do not capture, record, or store any photos or videos. No data from your camera is ever transmitted to our servers or shared with third parties. Processing is performed ephemerally on your device.

2. Biometric Authentication

Zeylink supports Biometric Authentication (such as fingerprint or facial recognition) as an optional security layer to verify your identity before accessing credentials.

Scope of Use: Zeylink uses standard Android system APIs to request biometric verification.
Storage & Sharing: Zeylink never accesses or stores your actual biometric data (fingerprint or face maps). All biometric processing is handled by the device's secure hardware. We only receive a success/failure token from the system.

3. Website Cookies

If you are trying out our showcase system, we use a secure session cookie to maintain the login authentication. This allows us to showcase the Quick Login feature once you have been verified. We do not use this cookie to track users across websites and is used solely for security and login functionality.

4. Data Collection and Security

Zeylink is built on a "Privacy First" philosophy:

No Tracking: We do not collect personally identifiable information (PII) such as your name or phone number for the core application use.
No Third-Party Sharing: We do not sell or share any user data with third-party advertisers or data brokers.

5. Contact Us

If you have any questions regarding this Privacy Policy or our data practices, please reach out to us at:

Email: support@zeylink.com

Zeylink Showcase

Experience the future of authentication. This lightweight demo illustrates how Zeylink integrates seamlessly into any web environment.

1. Registration

Start by clicking "Launch Showcase" and selecting Register. This simulates the setup process. To keep this demo snappy, we’ve bypassed traditional steps like magic links or email verification, focusing purely on the device-linking experience.

2. Standard Login (QR + PIN)

Once registered, test the core functionality! Scan the QR code with your Zeylink app, authorize the request, and enter the 6-digit PIN. You’re in—no passwords, no usernames, no friction.

3. Pinless Login (Seamless Re-Auth)

Standard "Stay Logged In" features are convenient but insecure if someone else uses your device. Pinless Login offers the best of both worlds: it confirms you are physically present without requiring a PIN. Just scan the code, and the site logs you in automatically.

4. Device-Originated Login

Logging into a system that can't display a QR code, like an SSH terminal? Zeylink handles this through a secure manual handshake. After entering your identifier on the login screen, simply open your Zeylink app, select the corresponding key, and authorize the request. Your device will then provide a one-time PIN to complete the secure connection—no server-sent prompts required.

Please Enter in your email:

Please Enter in your Credentials:

Register Account

At this point, the website would typically email you your reset link. The link would link back to the website, using an unique ID linked to our account. The website may require additional 2FA or other verification, as they see fit.

For this demo, we will not email you a reset link, but instead directly display it below. This is not typically how a website will verify you. We are simply speeding up the process just to show you how it would be done.

Please click on the reset link below to be directed to a page that would be typical of what you might see.

Click Here