I recently saw this TechCrunch article about a “Y-Combinator backed” startup called 0pass, promising to “make it easier” for organizations to adopt passwordless authentication. This, as with nearly every authentication-related startup, was pretty interesting to me. But I was surprised to see this screenshot in the article, ostensibly displaying 0pass’s product:
As an Authentik user and (kind of) contributor, I instantly recognized this UI as a very poor rebrand of Authentik, which you’ll probably notice too after seeing this screenshot of Authentik’s UI.
Obviously, doing something like that, even for commercial purposes, is totally OK given Authentik’s MIT license. But it still doesn’t leave a very good taste in my mouth. I asked about this situation in the Authentik Discord server, and I guess Authentik’s CEO couldn’t help but notice the similarity either.
Luckily, it turns out 0pass’s CEO is in the Authentik Discord server too and quickly clarified for all of us.
So, it turns out the issue is TechCrunch’s fact checking and not 0pass. I’m glad it’s not yet another case of SaaS companies profiting off what’s essentially a hosted version of open source software (see CockroachDB’s dilemma, for example) and I’m certainly excited to see what’s next for both Authentik and 0pass.