Krypton Authenticator
Krypton implements the standardized FIDO Universal 2nd Factor (U2F) protocol to provide secure, unphishable two-factor authentication on the web, now in the convenient form factor that is your phone.
- Tired of typing 6-digit codes?
No more mistyping, missing 30 second windows, or waiting endlessly for that SMS.
- Instant Sign-in
Krypton securely pairs with your computer so that you don't have to touch your phone for each sign-in. Optionally, enable One tap sign-ins for enhanced security.
- Stops Phishing
SMS and authenticator app codes can easily be phished. Don't let that happen to you. Krypton protects you from phishing.
- Works with the sites you love
Google, Facebook, Twitter, Dropbox, GitHub and many more.
- Quickly protect your accounts
Setting up two-factor can be time consuming and repetitive. Just scan once with Krypton.
Get started by pairing Krypton with your browser by downloading our browser extension at: https://krypt.co/start.
>> Are you a developer?
Krypton supports developer mode so you can use Krypton as a security key for SSH and PGP private keys in addition to U2F.
Download our command line utility `curl https://krypt.co/kr | sh` and type `kr pair` to securely pair Krypton with your computer. Krypton integrates with the `ssh` command to send signature requests right to your phone. Krypton also makes signing Git commits and tags with PGP easy: run `kr codesign` to get started.
>> Unbeatable Security
Krypton is built on top of an end-to-end verified and encrypted architecture. This means zero trust. We, Krypt.co, have zero information about keys or where you're authenticating. The keys only live in the Krypton app on your phone.
The source code can be found at github.com/kryptco.
Learn more here: https://krypt.co/docs/security/security-architecture.html.
Category : Productivity
Reviews (29)
Great features. Everything works as advertised. But first time experience is so bad. Have you ever done any user testing? I had to rely on a friend of mine to help me setup this app. He is long time user so he helped a lot. Please consider some user testing when your user is given your homepage and they need to set up everything from websites to SSH. You will know immediately what I'm talking about.
I have the app installed and its 2.5.5 but I don't see the team tab If I can get this fixed then I will change my review. I'm trying to get my servers set up with this, but 'creating a team' is not yet supported through the command line, and it doesn't show on the app like it says in the command line output
i liked the fact i can confirm a logon request but if my phone is locked when the prompt comes up, i would expect the prompt to still be there when i unlock my phone, its not. also pairing failed when i used my fingerprint, but the fingerprint icon is on the pairing screen. so too clunky for me, but i love the concept
Does what it says. Great as a second or backup U2F token. You always want to have at least two U2F keys enrolled on your accounts so as not to be locked out of your accounts by losing your only key... Install the Krypton browser plugin on the desktop browser, install the phone app, then enroll your phone as a U2F key for the website you want to authenticate on. I find Krypton is usually more convenient than using the Yubikey on my keyring as my phone is usually closer to hand than my keys.
This is a fantastic use of Android phones that meet the requirements to be a FIDO hardware authentication token. The fact that I can use it for my ssh sessions with the kr package is also amazing.
Not reliable as hardware 2FA, but good alternate because cheap. My question: How to migrate data because I want to change smartphone?
Cannot add sites that aren't supported by the app. I don't like using two authentication apps, so I'll just stick to using Authy.
Failed to work with GitHub; now locked out. Have not managed to get the app to work with other websites' 2FA systems, either. Avoid like the plague.
I don't understand how to use it, I've installed ff extension and this app. It says that I need to visit krypt.co/start page, then redirects me to gitlab, which generates qr code and suggests to download Google Authenticator. do I really need to download more Authenticators to make this work?
I really love the idea but it simply didn't work. It never registered as a u2f token on any site I tried
magic for secure key management for SSH keys and codesigning. Pretty cool for U2F, too.
4 stars only because the app has to fully open to accept the notification
Fantastic! Easiest way to set up 2FA and SSH/GPG keys. Great job, devs!
lil tech savvy needed but is Defff worth the effort!!!
Love it, save yourself some cash by not having to buy multiple hardware keys. You can use this and a Yubikey to advance protect your Google account.
If I enable "Developer Mode" along with "One-Touch U2F Login option off", then the logins get stuck and never seem to get approval from the Mobile Phone. It works as intended once I turn off the developer mode.
Pairing with sites doesn't work
Truly amazing app, found it really easy to use and takes a lot less time than totp. If you could add the option to backup the private key it would be perfect
Crashes fixed, and it works smooth as ever
I just wanted to generate a key pair on android tablet. Looks like I made a wrong turn here. There is no option to just view or copy the keys. Installing stuff on remote hosts is a bit more than I was up to. Still gave 5 stars to not upset anyone.
Works in general but got stuck too often.
A great concept, well implemented. It even has some advantages compared to smart cards with the audit log and additional information contained in the signing requests. This will now be my way to sign code at least on remote workstations.
Using your smartphone as a secure storage for your SSH and PGP keys is an amazing idea! I wish there was a generic password manager implemented like this. Thanks a lot for your awesome work!
Great app, great concept. I haven't gotten it to play nice with gpg-agent, and am using a $GIT_SSH_COMMAND workaround with another config file to use kr. Hopefully it becomes more seamless, or I figure out how to use it correctly.
This is absolutely amazing.my only issue is I have no way of backing up my private key and since I have been using the app my phone has needed a reset 3 times and it's starting to get a bit troublesome to reset all my servers each time.
That's an amazing concept implemented very well.
Super easy setup and it works great! Small bug: The camera was upside down when scanning the QR code
Simple and awesome! Thank you.
Great, easy to use two factor authentication solution. Doesn't quite work for GitHub and advertised, but works very well on other services I have used it with, including ssh for my VPS. Wish it worked with more services out of the box.