PASSCARDS quantum key

Authentication people actually remember.

Passcards replace passwords with remembered visual patterns.

If a user can remember how to ride a bike, they can remember their Passcard.

The Problem (What Devs Already Know)

Passwords are not a security problem.

They're a human memory problem that leaks into your system.

You see it every day:

  • Users forget passwords
  • Resets dominate support tickets
  • Auth flows grow complex
  • Security hardens, UX degrades
  • Workarounds multiply

None of this scales socially.

The Reframe (The Truth)

Humans don't remember strings.

They remember patterns, rhythm, and repetition.

We've known this forever:

  • Procedural memory beats recall
  • Repetition beats complexity
  • Rhythm beats length

Authentication ignored this.

Passcards is built on it.

The Solution (What Passcards Is)

Passcards is pattern-based access.

Instead of typing a secret, users recreate a visual pattern they remember.

  • No passwords
  • No magic strings
  • No cognitive mismatch

Just a learned motor pattern.

How It Works (One Breath)

  1. 1.User chooses a 4-card baseline pattern
  2. 2.Pattern is serialized and hashed with Scrypt
  3. 3.On access, the user repeats the same pattern
  4. 4.Hashes are compared, session is issued

Patterns are never stored in plaintext.

Security supports memory fit. Not the other way around.

Why This Works (For Humans)

Passwords use declarative memory

"What is the string?"

Passcards use procedural memory

"How do I do this?"

Procedural memory:

  • Strengthens with use
  • Survives stress
  • Doesn't decay the same way
  • Requires less conscious effort

That's why users stop forgetting.

Why This Matters (For Devs)

Fewer support tickets

Teams report 80–90% fewer reset requests.

Simpler auth flows

No reset funnels. No password UX debt.

Predictable behavior

  • Deterministic patterns
  • Explainable errors
  • Auditable events

Security without hostility

Strong KDFs, rate limiting, timing-safe comparisons — without punishing users.

Scaling Security Without Breaking Memory

Passcards uses a 4-card baseline identity.

Need more security?

Repeat the same baseline:

  • 2× for 8
  • 3× for 12
  • 4× for 16

No new secret.

No re-enrollment.

No user confusion.

Same pattern. Deeper groove.

Recovery (Where Passwords Collapse)

Passwords reset.

Passcards recollect.

"Forgot your pattern? Let's help you remember it."

Recovery:

  • Uses the same card grid
  • The same 4-step rhythm
  • The same calm pace

No panic. No shame. No countdown timers.

Integration (Fits Your Stack)

  • OAuth2 / OIDC compatible
  • Works alongside Google, GitHub, email auth
  • Next.js, Node, Serverless, Supabase, more

Install with:

npx passcards-auth init

Bring your own database.

Bring your own auth flow.

Passcards slots in cleanly.

What Passcards Is Not

  • Not a password alternative
  • Not an auth SDK competing on features
  • Not a UI gimmick

Passcards is an authentication primitive built for human memory.

Stop fighting how users remember.

Pattern-based access starts here.