LoginOS

Foundations

Fundamentals

The building blocks every login decision rests on — read these first before diving into patterns.

01

Passwords

AAAAAStill the default authenticator for most products — and the one most likely to be misconfigured.

Read more
02

Multi-factor authentication

A second factor is only as good as its fallback — design the whole chain, not just the happy path.

Read more
03

Passkeys

Phishing-resistant and passwordless by design — but adoption depends entirely on how they're introduced.

Read more
04

Sessions

The login screen gets all the attention; the session that follows is where trust is actually lived.

Read more
05

Account recovery

The path back into an account is the path most likely to be attacked — and most often designed last.

Read more
06

Identity proofing

Knowing a device belongs to a returning user is different from knowing who that user legally is.

Read more
07

Delegated access

Someone acting on another person's behalf is a normal case, not an edge case — design it as one.

Read more