Pretty much as answered already, passkeys (sometimes branded like FaceID or Windows Hello but it is an open spec) are an alternative to passwords. Your public key that identifies your user is stored in VoidAuth and your private key is stored on your device. Some password managers support syncing passkeys, so you don’t have to set up a new passkey on every device.

The advantage over passwords is that they are domain and device specific, so are much harder to be leaked from the client side. VoidAuth (or other services) should only be storing your public key so a leak on the server side would not allow someone to log in as you.

I have never used nforwardauth, but it looks like it offers a subset of the functionality of VoidAuth. Both support proxy-auth, but VoidAuth has user management features and also supports OIDC, passkeys, etc. I think nforwardauth looks like a great project, you can always setup VoidAuth alongside and try it out!

My previous setup was with Authelia and lldap, and VoidAuth is heavily inspired by a combination of both. I think the advantages VoidAuth has are simple user management, supporting user registration/invitation, more branding customization, and a better end-user UI (imo).

There are other great selfhosted auth solutions such as Authelia and lldap, and also Authentik, Keycloak, pocket-id, and Rauthy. I would encourage anyone looking for a selfhosted auth solution to shop around!