This site provides installation and update downloads for the KH Authenticator application which registers and authenticates a user without a password or email address. The authentication process qualifies as multifactor. The application is installed on something you have. To access the online account, you must provide a PIN (something you know) or a recognized fingerprint scan (something you are). The KH Authenticator application is developed with .NET MAUI and is available for Windows and Android.

From the beginning of online accounts, we had passwords. Then we got “I forgot my password”. Password recovery processes were developed to reduce support fatigue. The most popular recovery mechanism is a link with a password reset token sent to the user by email. Then we got “I didn’t get the email”. To help mitigate email delivery issues, the online account registration process required a confirmed email address before access is granted. This discourages users from registering because they fear their email address will be sold, stolen, shared, or abused by email spammers. If passwords are removed, the email address can become optional.

There are alternatives to passwords like Windows Hello and FIDO2 security keys promoted by the FIDO Alliance. The Users Without Passwords Project, Users Without Passwords and the Users With Device 2FA Project, Users With Passwords implement these technologies. Version 2.x of the projects support the KH Authenticator API. The V2 projects will be available for download soon.