Make passwords disappear with a touch of Magic
Start new thread
Chris Messina

Magic - Make passwords disappear with a touch of Magic

by
Raycast
Passwords are the bane of app security. With a few lines of code and no bloat, Magic lets you build apps with blazing-fast, customizable, passwordless login - with future-proof crypto and identity tech under the hood.

Add a comment

Replies

Best
Akash Nimare
@_seanli Great product. I was lucky to have the glimpse of this during ETHDenver :) I have a basic doubt here - Consider a case where someone stole my device and somehow managed to get the device password. Now that person will be able to get into the app via clicking on the magic link from the email client. How do you take care of the security in this case?
Sean Li
Maker
@meakaakka Thanks Akash! Magic link relies on the users' security of their email. It's a good place to help users get started, the goal here is progressive disclosure, eventually graduate users towards more sophisticated device based login via WebAuthn / our own mobile authenticator app
Akash Nimare
@_seanli got it. The challenge here is to let users get familiar with the magic link flow. And I think a mobile authenticator app would surely fix this security issue.
Soham G
This is amazing and looks pretty simple to integrate. I will give this a try. Is there any other way to send links other than emails? What other applications can this be extended to other than logins? Great Job!
Sean Li
Maker
@soham_g Thanks so much! We are working on WebAuthn and mobile authenticator app for one-click login first, then we may explore other ones like phone number.
Nicolás Quiroz
This looks really neat, congrats for the launch!!! Can you tell me the benefits vs using something like Firebase Auth (email link), besides no vendor lock-in? Thx!
Sean Li
Maker
@nhsz Vendor lock-in is definitely a major benefit! On top of that is a lot of convenience, you can think of our decentralized auth approach like the "Docker for Auth", where your resource server only needs to deal handle the DID token standard and plug-n-play any kind of authentication on the frontend without having to change your backend code (more than magic links will be available such as FIDO/mobile device). The cryptography tech under the hood not only makes Magic secure but also extremely extensible and future-proof to any infrastructure leveraging asymmetric key-pairs!
Hirday Gupta
@cx42net looks like someone productized password-less login - just like the one you had on improvmx! :-)
Cyril
@hirday_gupta Yes indeed :D
MDMANIK Hossain
Digital marketing
Siddharam Shingshetty
How different is it from emailing an auth link each time?
Victor Gatto
Fundamental issue is that it requires an email address to login, which requires a password.
جدد أفكارك
This is equivalent to Thomas Edison's invention that he is making a revolution in the world of technologyThis is equivalent to Thomas Edison's invention that he is making a revolution in the world of technology
Selcuk Cimen
.
Kinkaid Burkovski
Interesting) We study....
First
Previous
•••
4567
Next
Last