Magic

Make passwords disappear with a touch of Magic

Passwords are the bane of app security. With a few lines of code and no bloat, Magic lets you build apps with blazing-fast, customizable, passwordless login - with future-proof crypto and identity tech under the hood.
discussion
Would you recommend this product?
41 Reviews4.4/5
Password-only security is obsolete and dangerously insecure. I've been hoping for a solution like this for more than a decade. The danger and the stakes for user authentication security are growing exponentially by the day. As we add more valuable asset transactions to our applications, the need for non-custodial solutions with minimal vendor lock-in grows as well. Magic was easy to learn and easy to integrate with EricElliottJS.com, and we intend to use it as our exclusive auth solution for all of our new applications. The Magic team has created an elegant solution to a very challenging problem that every application team needs solved, but almost none should try to solve alone. Magic is a non-custodial key management solution that stores user keys in cloud-based Hardware Security Modules (HSMs). Private keys are never exposed to the internet, and your users don't even need to know they exist. All users need is access to an email address and the ability to click a button. It's the most user-friendly, secure authentication solution I have ever seen.
Share
Jeffrey TongCEO, Zelos
What's the difference between Magic and a product like Fast? Regardless, the integration is super seamless... Wow
Share
Sean Li
Maker
CEO Magic, Fortmatic, Ex-Docker
@trigun0x2 Thanks so much Jeff! Fast is focused on e-commerce companies with a streamlined checkout experience, while Magic is focused on providing a robust identity service that can be used for both startups and enterprise companies (SOC 2 compliant). The other major difference is that Fast in this case is a centralized identity provider with a SSO-like experience, which also means that developers will have to expose the Fast brand on top of their own UX (like Facebook or Google auth). Magic instead gives users decentralized identity which is self-sovereign without having to trust centralized identity providers. Magic also gives developers the ability to customize the magic link experience, giving them a lot more control over the UX! A cool secret with Magic is that every single user will be issued a blockchain key pair, which means for advanced developers, they'll be able to easily tap into the power of blockchain and cryptocurrency to build future-proof and innovative applications!
Share
@trigun0x2 @_seanli When you say "without having to trust centralized identity providers", aren't you still trusting AWS? Afaiu, they hold all users' private keys in clear.
Share
Indeed, passwordless login is pretty magical. Great job!
Share
Jaemin
Maker
Cofounder at Fortmatic
@fumoboy007 Yes indeed! Love that you appreciate the magicalness of our Magic passwordless login!
Share
Ian Rumac
Android Architect @ Undabot
I'm really impressed by this. Let me start from the landing page - immediately gives you all the information you want : what is this, why would you need it, what are the benefits and how to use it - without cluttering and while looking pretty good (not a fan of the mint, even tho its associated with security). The SDK is simple and readable, the documentation is nice and readable - and answers all of the questions I might have regarding present and the future of using Magic. And the product is awesome! First time I saw a magic link like that I was wondering why more services don't use it, and this makes it super easy to implement. And I love that the blockchain side is hidden from the user but still accessible - as it should be! Mad props! 🌊
Share
Sean Li
Maker
CEO Magic, Fortmatic, Ex-Docker
@ianissoawesome Thank you so much for the kind words and great feedback Ian!! 💜
Share
Denis KryukovMy short bio — just 33 characters
Your "Security" section is a great read in and of itself. Thanks for this product. How common is the "passwordless" approach at the moment?
Share
Sean Li
Maker
CEO Magic, Fortmatic, Ex-Docker
@devishnya1 Thanks!! We are very optimistic that it's a matter of time before passwordless auth start to catch on in mainstream applications! It's already been used as a predominant form of login for companies like Slack, Medium and Substack, with great results in terms of security and conversion, and we are in conversation with many more companies ranging from startups to enterprises who wants to switch over to Magic links! Passwords introduce so much overhead and risks these days giving the current cybersecurity climate and increasing number of data breaches. There are many caveats and challenges for developers to roll their own magic link, but that's what we are trying to make easier with Magic! We will provide not only just magic link login, but other form-factors like WebAuthn and mobile authenticator apps - passwordless login is looking to surpass password login as a predominant form of login within 10 years!
Share
Peter SaxtonReplacing email with something better
@devishnya1 it's certainly growing in popularity we launched our own solution on producthunt this month https://www.producthunt.com/post... and are excited to see more people in the space.
Share
Hunting down comments...