Autofill that just works.
ZeroAuth integrates with Apple's AutoFill API and Android's Autofill Service. Your verification codes, usernames, and passwords appear directly in your keyboard recommendations. No app switching, no copy-pasting, no manual entry. Just tap.
Access Granted
Logged in securely using end-to-end device credentials.
ZeroAuth Admin SSO Console
Verification required. Enter your vault credentials to proceed.
Two-Factor Authentication
Enter your 6-digit vault verification code to complete sign-in.
Codes refresh securely every 30 seconds. ZeroAuth autofill fetches and updates the rotating code instantly.
No manual characters needed. Login names, complex passwords, and 2FA tokens are injected in a single tap.
Autofill suggests credentials entirely on-device. No network call is made during password or TOTP extraction.
How ZeroAuth Autofill Works
ZeroAuth detects the field type and active domain.
Where Autofill Works
ZeroAuth uses only native APIs — no accessibility hacks or custom keyboards. This ensures complete platform security and maximum speed.
System-Level Security APIs
Inspect how ZeroAuth sandboxes and executes TOTP lookups natively on Apple and Google platforms.
ASCredentialProviderViewController Architecture
On iOS, ZeroAuth implements the official AutoFill extension pipeline. The extension launches inside a dedicated, sandboxed process independent of the main app, with access restricted by Apple.
Sandboxed Isolation
The extension process is completely isolated. It reads TOTP keys from the system secure keychain utilizing App Groups, ensuring zero access to external network resources.
QuickType Provider
By conforming to Apple's credential provider protocols, suggestions are displayed directly in the native keyboard bar, completely bypassing custom input overlays.
Biometric Handshake
Enforce Face ID or Touch ID authentication directly in the extension panel before any TOTP code or password is loaded. Secure from unauthorized hands.
RFC 6238 On-Demand
ZeroAuth generates TOTP tokens on-the-fly inside the extension. Keys are calculated dynamically and immediately passed to the field, keeping credentials un-cached.
Domain-Locked Autofill Security
Human validation is bypassable. ZeroAuth delegates domain verification to the system, neutralizing phishing sites automatically.
Attackers set up identical lookalike pages to capture input. Users who copy-paste codes or rely on basic password managers that accept similar names fall victim. Real-time proxy frameworks immediately relay entered codes to hijack sessions.
ZeroAuth binds your accounts to exact registered domains or app package certificate signatures. When page forms load, ZeroAuth requests the domain. If there is a single mismatch, autofill stays silent. No prompts, no suggestion, zero leakage.
Everything in ZeroAuth Autofill
Every detail is engineered for convenience, local integrity, and cryptographic safety.
Live OTP Keyboard sync
OTP codes refresh and suggest inside Gboard and QuickType. They update dynamically as keys cycle, ensuring no copying is ever required.
Integrated Vault suggestions
Access credentials securely alongside TOTP codes. ZeroAuth automatically maps matching logins and passwords to form inputs.
Silent Phishing Defense
Autofill will only trigger when the active domain matches your account settings exactly. Protecting you from lookalike exploits.
Biometric Fill Protection
Secure access with system biometrics. Authenticate using Face ID or system fingerprint before any token fills a form.
Zero Access Overlays
Integrates with standard operating system autofill libraries. Requires no custom keyboards, overlays, or security compromises.
100% Offline Generation
TOTP calculation and lookup occurs locally. Credentials remain encrypted and stored locally in the secure enclave.
Getting Started With Autofill
Enable on iOS
- 1Open Settings → Passwords → Password Options
- 2Under "Use Passwords and Passkeys from", check ZeroAuth
- 3Select any login or verification code field — ZeroAuth will appear in the native suggestion bar above your keyboard
Enable on Android
- 1Open Settings → General Management → Passwords & Autofill
- 2Tap "Autofill service" and select ZeroAuth from list
- 3Tap any login or OTP input field — ZeroAuth inline suggestion chips will display inside your system keyboard row
Frequently Asked Questions
No. The autofill process takes place 100% locally on your device. ZeroAuth retrieves keys from your secure offline vault or Keychain, calculates the current TOTP dynamically, and fills the requesting field via local operating system APIs. No connection is initiated, and credentials never cross your device boundary.
No. ZeroAuth utilizes only native platform APIs (Apple's ASCredentialProvider and Android's Autofill Service). Unlike other authenticators, we do not require Accessibility Services (BIND_ACCESSIBILITY_SERVICE) or System Alert overlay permissions, which are frequent security flags for malware.
If the active domain does not exactly match the saved account configuration, ZeroAuth will not present suggestions. The autofill bar stays completely silent, functioning as an intuitive signal that you are visiting an insecure lookalike domain.
Yes. In the ZeroAuth application, edit your credentials to specify multiple linked domains. ZeroAuth will then suggest that credential for all matching websites.
Yes. TOTP generation uses local system time and deterministic cryptographic algorithms. Your database matches and credential suggestions are computed entirely offline. You can autofill in airplane mode or deep underground with zero latency.
Yes. ZeroAuth provides granular configuration: you can require Face ID or fingerprint recognition before details are injected, protecting your accounts if your device is unlocked and unattended.
Never type a code again
Securely autofill usernames, passwords, and dynamically rotating TOTP codes in a single tap on iOS and Android.