Create Passkey Account

{#if step === 'info'} Create an ultra-secure account using a passkey instead of a password. {:else if step === 'passkey'} Register your passkey to secure your account. {:else if step === 'app-password'} Save your app password for third-party apps. {:else if step === 'verify'} Verify your {channelLabel(verificationChannel)} to complete registration. {:else} Your account has been created successfully! {/if}

{#if error}

{error}

{/if} {#if loadingServerInfo}

{:else if step === 'info'}

Handle {#if handle.includes('.')}

Custom domain handles can be set up after account creation.

{:else if fullHandle()}

Your full handle will be: @{fullHandle()}

{/if}

Contact Method

Choose how you'd like to verify your account and receive notifications.

Verification Method

{#if verificationChannel === 'email'}

Email Address

{:else if verificationChannel === 'discord'}

Discord User ID

Your numeric Discord user ID (enable Developer Mode to find it)

{:else if verificationChannel === 'telegram'}

Telegram Username

{:else if verificationChannel === 'signal'}

Signal Phone Number

Include country code (e.g., +1 for US)

{/if}

Identity Type

Choose how your decentralized identity will be managed.

did:plc (Recommended) Portable identity managed by PLC Directory did:web Identity hosted on this PDS (read warning below) did:web (BYOD) Bring your own domain

{#if didType === 'web'}

Important: Understand the trade-offs

Permanent tie to this PDS: Your identity will be did:web:yourhandle.{serverInfo?.availableUserDomains?.[0] || 'this-pds.com'}. Even if you migrate to another PDS later, this server must continue hosting your DID document.
No recovery mechanism: Unlike did:plc, did:web has no rotation keys. If this PDS goes offline permanently, your identity cannot be recovered.
We commit to you: If you migrate away, we will continue serving a minimal DID document pointing to your new PDS. Your identity will remain functional.
Recommendation: Choose did:plc unless you have a specific reason to prefer did:web.

{/if} {#if didType === 'web-external'}

Your did:web

Your domain must serve a valid DID document at /.well-known/did.json pointing to this PDS

{/if}

{#if serverInfo?.inviteCodeRequired}

Invite Code *

{/if}

Why passkey-only?

Passkey accounts are more secure than password-based accounts because they:

Cannot be phished or stolen in data breaches
Use hardware-backed cryptographic keys
Require your biometric or device PIN to use

Want a traditional password? Register with password

{:else if step === 'passkey'}

Passkey Name (optional)

A friendly name to identify this passkey

Click the button below to create your passkey. You'll be prompted to use:

Touch ID or Face ID
Your device PIN or password
A security key (if you have one)

{:else if step === 'app-password'}

Important: Save this app password!

This app password is required to sign into apps that don't support passkeys yet (like bsky.app). You will only see this password once.

App Password for: {appPasswordResult?.appPasswordName}

{appPasswordResult?.appPassword}

I have saved my app password in a secure location

{:else if step === 'verify'}

We've sent a verification code to your {channelLabel(verificationChannel)}. Enter it below to complete your account setup.

{#if resendMessage}

{resendMessage}

{/if}

{:else if step === 'success'}

✔

Account Created!

Your passkey-only account has been created successfully.

@{setupData?.handle}

{/if}