Passwords

Simple and secure password authentication, complete with breach detection and recovery options

Compliant with NIST 800-63B

Developed by the US Department of Commerce, Clerk complies with NIST 800-63B to ensure that user passwords are secured to the highest standard.

Blocks credential stuffing

Clerk actively tracks data leaks across the internet to ensure that leaked passwords cannot be used for a credential stuffing attack.

Benefits of passwords

Despite the buzz about passwordless authentication, our data shows that passwords still deserve their place in sign-in flows.

Faster than passwordless (except Social SSO)

Passwords average 4.1 times faster than magic links and passcodes, but are slightly slower than Social SSO.

Easy for everyone

Password are ubiquitous and easy to understand. And unlike Social SSO, passwords can be used by everyone, not only users who have an account with third-party like Google.

Forgot password? No problem

An unfortunate reality of passwords is that they're occasionally forgotten. Clerk allows users to access their account by trying another method like magic links or passcodes.

Robust, active security

For user security – and for NIST 800-63B compliance – we offer robust password protections in every Clerk plan.

Password leak protection

We use HaveIBeenPwned to quickly prevent leaked passwords from being used in a credential stuffing attack.

Brute force detection

We detect brute force and dictionary attacks to stop malicious actors before they gain access to an account.

Salted and hashed with BCrypt

We use the industry-standard, BCrypt, to salt and one-way hash passwords before they are stored.

Ready to see what Clerk can do for you?Start your free trial today

Start completely free with up to 500 monthly active users. No credit card required.

Start building now