Why Doqubox uses passkeys instead of passwords
Doqubox protects sensitive documents. Passwords are too easy to reuse, leak, phish, or forget. Passkeys give every account a stronger sign-in method that is easier for people and safer by design.
Sign in to Doqubox
Use your passkey
No password field
Nothing to type, reuse, or leak.
Approve with your device
Fingerprint, face recognition, PIN, or password manager.
Cryptographic proof
Your private key never leaves your authenticator.
What is a passkey?
A passkey is a secure login credential based on public-key cryptography. Your device keeps a private key. Doqubox only stores the matching public key. When you sign in, your device proves it has the private key without sending it to us.
Private key
Only on your device
Stays on your device or in your password manager. It is unlocked locally with your fingerprint, face, PIN, or master password.
Public key
Stored by Doqubox
Stored by Doqubox. It can verify your sign-in but cannot be used to impersonate you or reconstruct your private key.
Why passkeys are safer for Doqubox
Doqubox is built for confidential files. Removing passwords removes one of the weakest links in account security.
Phishing resistant
A passkey is tied to the real website. A fake login page cannot simply trick you into typing a reusable secret.
Nothing password-like to leak
Doqubox does not need to store a password hash. A database leak should not reveal a secret that can be reused elsewhere.
Strong and simple
People can sign in with the security they already use for their device, without inventing or remembering another password.
Why we made passkeys the only option
Adding passwords as a fallback would bring back the exact risks we want to avoid: reset emails, reused credentials, phishing pages, and support workflows around forgotten passwords.
No password reset loophole
Account recovery is often where attackers aim. Removing passwords lets us keep the sign-in model more consistent.
Better fit for encryption
Doqubox combines account access with client-side encryption flows. A stronger account boundary helps protect sensitive files.
Less user burden
No password policy, no rotation reminders, no “which password did I use?” moments.
Works across modern platforms
Passkeys are supported by modern browsers, phones, operating systems, and password managers.
How to keep your passkey safe
Use a synced passkey provider
iCloud Keychain, Google Password Manager, Windows, or a password manager can help keep access available when you replace a device.
Protect your device account
Your Apple, Google, Microsoft, or password-manager account becomes important. Use strong recovery options and extra protection there.
Add passkeys on more than one device
Where possible, keep access from a second trusted device or password manager, especially for business-critical accounts.