A nonprofit building standards, policies, and naming infrastructure to make the internet safer. Supporting people, organizations, and the systems that connect them.
Learn moreThe Digital Access Foundation exists to solve a problem that has plagued the internet since its commercial expansion: there is no reliable signal, at the infrastructure level, that a given access point is legitimate.
Phishing, credential theft, and impersonation attacks exploit the fundamental ambiguity of domain names — any string of characters can host any kind of service. We addresses this at the root, not the surface.
By operating a class of top-level domains governed by enforceable technical policy: mandatory HTTPS, verified operator identity, compliant authentication standards — we establish a namespace where the address itself carries meaningful trust.
This model extends beyond consumers. Internal enterprise access points, authentication gateways in regulated industries, and cross-organisational identity infrastructure all benefit from a namespace with auditable, enforceable guarantees.
.login is a proposed top-level domain operated by the Digital Access Foundation, applied for in the 2026 ICANN new gTLD round. It establishes a globally recognised, policy-enforced namespace for internet authentication endpoints.
Any domain registered under .login is required to function exclusively as a legitimate, standards-compliant, HTTPS-enforced authentication endpoint. There will be no exceptions and no general-purpose registrations.
This is not a brand registry. Any operator of a genuine authentication service can apply and any domain that stops meeting the standard loses its registration.
Registry commitments under our founding charter are technically enforceable, not merely contractual. If a domain fails to meet the standard, it is suspended automatically, not at discretion.
Any legitimate organisation operating an authentication service can apply to register under .login. The barrier is technical compliance, not commercial affiliation or membership fees.
The end user, the person who sees a .login address in their browser, is the primary beneficiary of our policy framework. Registrant convenience is secondary to user trust.
The trust infrastructure we build for .login is designed to be extensible to enterprise networks, hardware-level authentication, and future classes of access infrastructure we are developing in parallel.
The Digital Access Foundation is constituted as a public-interest organisation. Its objects are to operate internet naming infrastructure that promotes security, trust, and user protection. Nothing else. Surplus revenue is reinvested into standards development.