Beezifi Identity
Personal Zero-Trust Identity System

You decide who
gets to see you.

Most identity systems hand control to the provider. Beezifi Identity flips that. You set the rules — which apps can access your account, from which countries, on which devices, at what hours. Every sign-in attempt is evaluated against your policy, every time.

Free forever — no credit card, no trial
Block any app instantly — they see nothing
Time, country, and device rules built in
Full audit history — every access logged
identity.beezifi.com/dashboard
Dashboard
My Apps
Security Policies
Active Sessions
Settings
3
Allowed Apps
2
Ghosted Apps
1
Active Session
ApplicationStatusLast Access
Beezifi CRMAllowed2 min ago
WorkspaceAllowed1 hr ago
Untrusted AppGhostedBlocked
Foreign ServiceGhostedBlocked
Zero-Trust Explained

Traditional SSO hands over control.
We give it back to you.

With Google, Okta, or Auth0, you sign in and hope the provider's rules are strict enough. With Beezifi Identity, you author the rules — and they're enforced on every single sign-in attempt.

Traditional Identity Provider
The provider decides what's allowed. You just sign in and hope.
Identity Provider controls access Any App Any App Any App You (no control) Provider sets the rules
Beezifi Identity — Zero-Trust
Your policy is evaluated on every request. You control every door.
YOUR POLICY ✓ Allowed ✓ Allowed 👻 Ghosted 👻 Ghosted You set the rules
Signature Feature

App Ghosting.
Block it and it
ceases to exist.

When you ghost an app, it doesn't get an error or a "denied" message. From its perspective, your account simply doesn't exist — zero information leaked, zero attack surface.

Zero Information Leakage
The blocked app receives a standard OAuth "access denied" — it can't tell if the account exists, is locked, or if you simply never heard of them.
Instant, No-Lag Enforcement
Add an app to your block list and every subsequent sign-in attempt is stopped at the policy engine — before any token is issued.
Invisible to the App
Unlike blocking at the app level (where the app still knows you exist), ghosting at the identity layer is truly opaque. You vanish.
Third Party App sign-in attempt POLICY ENGINE BLOCKED access_denied "Account doesn't exist... maybe?" Your side Their view Your Account Safe & Intact
All Features · All Free

Every dimension of access
under your control

Six independent policy layers, all running simultaneously on every sign-in attempt.

Per-App Allow & Block Lists

Whitelist specific apps so only they can use your identity. Or block specific apps and ghost them — all from a single toggle. No app ever gets access you didn't explicitly choose.

Beezifi CRM Allowed
Unknown App Ghosted
New App No restriction
Geographic Restrictions

Allow sign-ins only from countries you trust. Block entire regions. Your location is automatically detected at sign-in and checked against your policy — every time.

US CA GB CN RU ✓ Allowed countries ✗ Blocked countries IP detected automatically at every sign-in
Time-Based & Day-of-Week Rules

Only allow sign-ins between 9 AM and 6 PM UTC. Restrict access to weekdays only. Combine time and day rules for precise access windows — enforced on every attempt.

Hours (UTC) 0 9 18 23 Days Sun Mon Tue Wed Thu Fri Sat
Device Trust & Fingerprinting

Register your trusted devices. Sign-ins from unrecognized devices are rejected, even if the credentials are correct. Add fingerprints from your dashboard with one click.

a3f9d2e1b8c4... Trusted
7c2b1a0e9f3d... Trusted
Unknown device Blocked
Two-Factor Authentication

TOTP-based 2FA compatible with Google Authenticator, Authy, and any standard authenticator app. Setup takes 30 seconds with a QR code scan. Disable any time from settings.

6-digit code 4 8 2 9 1 7 Refreshes every 30 seconds · Works offline
Full Activity History

Every sign-in, blocked attempt, and sign-out is logged with the IP address, country, app name, and timestamp. See exactly who accessed what and when — always.

Sign in Beezifi CRM · US · 2m ago
Blocked Unknown App · CN · 1h ago
Sign in Workspace · US · 3h ago
Your Policy Dashboard

Every rule in one place.
Changes take effect instantly.

No CLI. No config files. No waiting for a deployment. Toggle a rule on your dashboard and the next sign-in attempt is evaluated against the new policy within milliseconds.

No propagation delay
Policy is read at the moment of each sign-in attempt — not cached from a previous read.
Layers stack independently
An app can be allowed but still blocked by country, device, or time rule — all six layers apply simultaneously.
Auto-save with visual feedback
Changes save automatically as you edit — no "Save" button to forget, no unsaved state to lose.
Security Policies
App Access
Beezifi CRM
✓ Allowed
Suspicious App
👻 Ghosted
Countries
US CA GB CN RU
Active Hours (UTC)
09:00 – 18:00 UTC · Mon–Fri
Trusted Devices
a3f9d2e1b8c4... +1 more
Policy saved
How We Compare

The only identity system
where the user makes the rules

Enterprise providers optimize for administrators. Beezifi Identity optimizes for the individual.

Feature Beezifi Identity Google SSO Auth0 / Okta
Price Free forever Free (limited) Paid
User-controlled per-app block list
App ghosting (zero info leakage on block)
User-defined country restrictions Admin only
User-defined time & day-of-week rules Admin only
Personal device trust / fingerprinting Partial Admin only
TOTP two-factor authentication
Per-request policy evaluation (no caching) Varies
Full personal activity history Limited Admin only
OAuth 2.0 / OIDC standard protocol
Session revocation per device Limited
Pricing

Identity as a right,
not a subscription.

$0
Free. Forever. No tiers.
All six policy layers
Unlimited apps
App ghosting
Country & time rules
Device trust
TOTP 2FA
Full activity history
No credit card ever

We believe personal identity protection should be available to everyone. Beezifi Identity is our contribution to a safer internet — a free public good, not a product to upsell.

Create Your Free Account Sign In
FAQ

Common questions

Zero-trust means no app is trusted by default — every sign-in attempt must satisfy your policy to succeed. "Personal" means you define that policy, not an administrator, not the identity provider. Traditional SSO says "trust everything unless the org blocks it." Beezifi Identity says "block everything unless you explicitly allow it."
When you add an app to your block list, any sign-in attempt from that app is terminated at the policy engine before any token or user data is generated. The app receives a standard OAuth access_denied error — the same response it would get if the account didn't exist at all. It cannot determine whether the block is intentional, whether the account exists, or why access was denied. You are invisible to that app.
Beezifi Identity uses standard OAuth 2.0 and OpenID Connect (OIDC) — the same protocols used by Google, GitHub, and Apple for SSO. Any app that integrates Beezifi as an identity provider can take advantage of your policy controls. App developers can register their apps in the My Apps section and follow the developer documentation to add "Sign in with Beezifi."
No catch. Beezifi Identity is a free public service offered by Beezifi Inc. as part of our mission to give individuals real control over their digital lives. We believe personal identity protection should not require a subscription. There are no premium tiers, no feature locks, and no credit card — ever.
Time rules are evaluated in UTC. You set start and end hours in UTC (0–23) and optionally restrict to specific days of the week. The policy dashboard shows this clearly. Since sign-in attempts are evaluated on the server in UTC, the restriction is consistent regardless of where the sign-in originates.
Yes. Every sign-in attempt — successful or blocked — is recorded in your Activity History with the app name, IP address, country, reason for block, and timestamp. You can see exactly when an app tried to access your identity and whether it succeeded or was denied.
When you set up 2FA, you are shown the secret key alongside the QR code. You can store this key in a password manager and re-enter it in any TOTP-compatible app to regenerate your codes. If you lose all access, contact Beezifi support with account verification details to initiate a manual recovery.