What do you think about passwordless authentication?

Felipe Millan
7 replies
I would like to know if you use or understand what passwordless is or if you consider it essential on any web service or mobile app that you use?

Replies

Jorge Díaz
What are the available alternatives? - Email link based? - ...
Ezzat Suhaime
It's niceeeeeeee. Sign in with Google baby
Fabienne Bühler
I love passwordless authentication. Its a secure way to authenticate my user and I don't have to remember my passwords anymore. Also now almost all devices have some passwordless authentication possibilities.
Arpana Dhaka
I do understand passwordless, and it is good to have for applications that I use. If applications use password login, I end up resetting password 90% of times except my Google account - reset % for this is close to 30-50%. Mostly, it's always logged in my device. But yes, I would prefer passwordless everytime over passwords
Kartik J. 👷
@felipe_millan - You have raised a great question. I think businesses now should start thinking about the new technology which is better in terms of UX and security both. There is big complexity with passwords. On any website I use today on the internet, we have account creation and passwords. so you should be either able to smart enough to remember all the passwords or you may repeat passwords. But that is Risky. Even using a password keeper is a workaround for problems where businesses are not able to provide quick authentication with security. Passwordless authentication is gaining in popularity due to its convenience, security, and user experience. It has the potential to reduce the amount of time it takes to log into an account and reduce the risk of someone else accessing a user’s account without their permission.
Raj @ Vault Vision
Use true passwordless that doesn't require a password to setup or register. Passkeys made facial recognition, fingerprint, and pin based verification possible on all devices and supported by Apple, Google and Microsoft. Do not use magic links or MFA as they are susceptible to hacking.
Vincent Delitz
I've been working ona passwordless solution now for more than a year and in my opinion you need to distinguish between different passwordless authentication methods. If you line them up, you have: - Email magic links - OTPs (via SMS or email or Authenticator Apps) - Social login (via OAuth / OIDC) - Passkeys (mainly biometric authentication). It always depends on your goals if you want to increase security or improve UX. Some are easier to implement while other require more method. Besides that, you also need to consider the user group of your product and which devices they use (or are they using multiple devices to access). From what I've learned is that once you offer a passwordless authentication method, you cannot go back, as your users are becoming used to it. Especially, in the case of passkeys - which in my opinion is the best passwordless auth method - users can get addicted to it as it's so simple and also highly secure.