A password-less authentication system is described herein. Also described are the devices used for such a system and the method and process implemented. The system employs asymmetric cryptography to enable users to log in to various systems or services on different platforms or computers by the aid of a mobile device. Users' credentials are kept privately in the mobile device, and not leaked to the network or any web service. In addition, the web service can verify users' authentication request by solely public information of users' credentials.