🔵 AliceKeys - The Golden Circle Approach
🟡 WHY (The Purpose - Why does AliceKeys exist?)
Managing SSH keys shouldn’t be a security nightmare. Yet, most teams struggle with:
- 🔹 Static SSH keys that are hard to track and easy to steal.
- 🔹 Expensive hardware tokens that need physical shipping and replacements.
- 🔹 Compliance headaches when proving key security and attestation.
- 🔹 Poor user experience with complex key management systems.
We believe security should be effortless, strong, and built-in—not something you have to work around.
🟢 HOW (The Process - How does AliceKeys solve this?)
Instead of relying on static SSH keys or physical hardware tokens, AliceKeys uses a mobile-first approach:
- ✅ Keys are stored inside your phone’s secure enclave, ensuring they can’t be copied.
- ✅ Attestation verifies that only one key exists per device—guaranteed by the hardware manufacturer.
- ✅ Instant enrollment—no need to physically ship hardware tokens to remote teams.
- ✅ Enterprise-grade security with centralized management, compliance tracking, and team policies.
- ✅ Planned integrations with SSO (OAuth2, SAML) so SSH authentication can follow your organization’s security policies.
AliceKeys combines the security of a hardware token with the convenience of a smartphone.
🔴 WHAT (The Product - What is AliceKeys?)
AliceKeys is a mobile-first, hardware-backed SSH key system designed for developers, DevOps, and security teams.
- 🔐 Secure SSH Authentication – No passwords, no static keys, no copy-pasting.
- 🌍 Works Anywhere – No need to carry physical tokens or wait for shipments.
- 🏢 Enterprise-Ready – Centralized management, compliance tracking, and role-based access.
- 🔄 Modular & Extensible – Future-ready for OAuth2, FIDO2, short-lived keys, and more.
📌 Example Use Cases
🧑💻 Solo Developer – Hardware Security Without the Hassle
A solo developer wants hardware-based security for SSH keys but doesn’t want to invest in a YubiKey or similar hardware tokens.
They need strong security but want a better experience—without carrying extra devices or plugging anything into their laptop.
- ✅ AliceKeys turns their phone into a secure SSH key, eliminating the need for external hardware.
- ✅ No need to carry or connect anything—just authenticate via their phone.
- ✅ Perfect for independent developers, freelancers, and consultants who value security without extra hassle.
🏢 CTO / CISO – Enforcing Secure & Non-Copiable SSH Keys
A CTO or CISO wants to ensure all engineering personnel use hardware-backed SSH keys that cannot be copied or extracted.
They need centralized management, attestation, and compliance-friendly security—without distributing and tracking physical security tokens.
- ✅ Guaranteed that each key is stored inside a trusted enclave, verified via attestation.
- ✅ Impossible for engineers to duplicate or export keys, ensuring strong security policies.
- ✅ Audit logs & compliance tracking help meet security requirements effortlessly.
- ✅ Easier deployment than hardware tokens—no need for shipping or manual handling.
🌍 Remote Engineering Teams – No More Shipping Hardware Tokens
A global company with remote engineers and contractors struggles with managing physical security keys like YubiKeys.
They waste time and money shipping tokens and replacing lost devices, slowing down onboarding.
- ✅ AliceKeys enables remote SSH access instantly—no waiting for hardware.
- ✅ No risk of lost, stolen, or forgotten security tokens—keys stay securely inside each developer’s phone.
- ✅ Perfect for distributed teams & companies hiring international contractors.
🔄 Short-Term & Temporary Access for Engineers
A security-conscious company doesn’t want to give developers permanent SSH keys but needs a way to grant short-term access when necessary.
- ✅ AliceKeys enables short-lived SSH authentication—admins can grant access for a set time.
- ✅ Developers request temporary access, and admins approve it via secure workflows.
- ✅ No long-term SSH keys lying around, reducing attack surfaces.
🚀 Want to try AliceKeys? Join the waitlist now
💡 Have feedback? Let us know—good, bad, or brutal!