Welcome to GuardianKey Documentation

GuardianKey offers three complementary and innovative solutions to protect web systems, authentications, and forms against automated threats and malicious access. Get to know each one:

🔐 Auth Bastion

Auth Bastion is a multi-factor authentication solution that acts as a bastion between the user and protected systems. It enables two-factor authentication (2FA) without changing the original system's code, supporting GovBR login, TOTP, and custom access rules. It's ideal for integrating advanced security into legacy systems or those without native MFA support.

🔍 Auth Security

Auth Security is the intelligence core of GuardianKey. It analyzes authentication attempts in real time, calculates a risk score based on context, behavior, and threat intelligence, and provides recommendations to allow or block access. Fully integrated with login systems, it can act as an adaptive decision module for authentication.

🛡️ GKTinc (This Is Not CAPTCHA)

GKTinc is a cryptographic deterrence system designed to stop large-scale automated abuse, including brute force, credential stuffing, and denial of service. Instead of visual challenges, it applies a silent, dynamic computation in the browser (via JavaScript) and validates it on the backend, with complexity adjusted to the origin risk. The result is a mathematical barrier that is costly for bots but nearly invisible to users—an effective alternative to traditional CAPTCHAs without interrupting the experience.

Explore the documentation to learn how to deploy, configure, and get the most out of GuardianKey solutions.