Citadel Web

Make web logins
phishing proof

Put a hard stop on the biggest source of account breaches: phishing and credential theft. Give employees a passwordless MFA login using methods impervious to remote attack.

Why switch to passwordless web logins

Why switch

to security keys for computer logins

Biometrics or security keys completely remove the risks of phishing, password theft, and replay attacks. Regardless of an organization’s best efforts, there will always be someone to fall for the lookalike website, respond to the MFA push, and become the entry point for a breach. 

When stakes are high, a compromised account can’t hinge on one employee moving too quickly. With Citadel, teams can roll out single sign-on logins that make phishing completely ineffective.

Designed to be streamlined

Phishing resistant
authentication for
single sign-on

Use a touch or a look

To access any website behind single sign-on, employees simply enter a username and use Face ID, Touch ID, Windows Hello, or a YubiKey to authenticate.

Plugs into your identity provider

Plug Citadel neatly into your identity provider, keeping all your identity management in place. Citadel does the authentication. They handle the access.

Take control of your authentication

Decide what employees can use to authenticate into corporate resources; authenticators can be added or deleted. All methods use FIDO2 standards.

No agent, no app, no hassle

Users can easily enroll their authenticators directly in the Citadel web app. After that, they can use biometrics or a YubiKey. No additional software on devices to maintain.

 Integrate with major identity providers

Why we only use the FIDO2 standard

The FIDO2 standard has the backing of companies like Apple, Google, and Microsoft alongside hundreds of other organizations. With FIDO2, your cryptographic login credentials are unique for every website, they never leave your device, and are never stored on a server. Using this model removes any potential breach due to phishing, password theft, or replay attacks.

How you can get started

Request a demo with
a free 30-day trial

Get your team using strong authentication.

Identity tied to PKI

A smooth rollout

Hands-on support

How you can get started

Request a demo with
a free 30-day trial

Get your team using strong authentication.

Identity tied to PKI

A smooth rollout

Hands-on support

How you can get started

Request a demo with
a free 30-day trial

Get your team using strong authentication.

Identity tied to PKI

A smooth rollout

Hands-on support

Your questions, answered.

How does Citadel integrate with identity providers?

How does this differ from YubiKey MFA offered by identity providers?

Does Citadel provide audit logging capabilities?

Is this cloud hosted or on premises?

Do any FIDO2 authentication methods need a PIN?

How does a YubiKey’s PIN and a password differ?

What happens if a user loses their security key?