SuperTokens is used by 10,000s of developers worldwide. It eliminates vendor lock in and other tradeoffs associated with traditional SaaS providers. With launch of passwordless, apps can authenticate their users through email IDs or phone numbers!
Hi everyone!
Today, we’re releasing the most powerful passwordless solution ever built! 🎉
What is passwordless?
Users can enter their email ID or phone numbers and receive a "Magic Link or an "OTP" instead of a password
Magic links are URLs that contain a unique identifier (password) embedded in the URL itself. The OTPs and magic links are time based, one time use only. They expire quickly and can only be accessed by someone who has access to that specific email ID or phone number.
Advantages and concerns:
Users often reuse the same password or use "password123" which can be guessed or brute forced. Removing passwords out of equation removes this concern
In terms of UX, passwordless may present a significantly improved UX depending on the type of app and user
For eg: Phone number based OTPs may be a great way to maximize sign conversions for mobile apps.
We support email and phone based auth in our implementation of passwordless. WebAuthN and push notif based auth coming soon!
I'd love to hear what you think about passwordless and answer any questions about user experience and security!
Why I like Passwordless? It reminds me of my conversations with Dad.
I keep asking him to create secure passwords and manage them as I say. And he keeps complaining it is hard to remember passwords and keeps asking me the same questions repeatedly
* why can't I create a simple password as "password123", I have nothing to hide
* why can't I reuse it everywhere, what would someone get by hacking my account
* ok, I will create different strong passwords everywhere. Can I write it in a diary then?
and a very deadly question - why can't I share my password with my friend. He says that all his friends do all those things and they have never been hacked.
When I think more closely, that's the level of awareness or tech experience of most people. Dealing with passwords gives them a headache. It seems like a common sense to us developers who are well aware of what happens in the background when we make a login request. When we give those people password-based auth, we expect them to work as per best practices while in reality, they make the worst choices and this makes the password-based auth highly insecure.
I think passwordless fills this gap, makes systems more secure for users who are not that tech savvy. Definitely, passwordless auth goes on top of my list of auth strategies to implement in my next app.
I'm curious what are some guidelines that we can give to end users(similar to my Dad) to make passwordless more secure and easier to use? Althoug most of the passwordless security I see is at the implementer side only but still if there are any thoughts from the community, I'd love to learn that
This is nice! We are already getting used to this behaviour using banking apps and wallets. It will be a good push for standardized logins as well. Congrats on the launch!
This is awesome, and I personally have gotten more insight into how the product works from @nevilbutani
This is a great way to access your accounts without remembering any passwords. Congrats on the launch! 👏
Wow! This product looks super useful. My parents keep forgetting their social media passwords and this will be a lifesaver. Logging in with OTP is the most convenient way for most users and this will surely be successful.
Congratulations on the launch! 🎉
@harsh_siriah1 You're right! Lots of use cases for OTP login. Plus, with regards to your point - the fact that mobile apps can now enter the OTP automatically, it just makes life a lot easier. 😃
Report
Looks really good! I've heard about of you guys before. Will definitely check it out for my next project.
Good luck for the launch, guys! 👍
@neet Thanks you so much! Please feel free to join our Discord (https://supertokens.com/discord) if you need any help or guidance with implementation. 😺
Hi everyone!
Today, we’re releasing the most powerful passwordless solution ever built! 🎉
What is passwordless?
Users can enter their email ID or phone numbers and receive a "Magic Link or an "OTP" instead of a password
Magic links are URLs that contain a unique identifier (password) embedded in the URL itself. The OTPs and magic links are time based, one time use only. They expire quickly and can only be accessed by someone who has access to that specific email ID or phone number.
Advantages and concerns:
Users often reuse the same password or use "password123" which can be guessed or brute forced. Removing passwords out of equation removes this concern
In terms of UX, passwordless may present a significantly improved UX depending on the type of app and user
For eg: Phone number based OTPs may be a great way to maximize sign conversions for mobile apps.
We support email and phone based auth in our implementation of passwordless. WebAuthN and push notif based auth coming soon!
I'd love to hear what you think about passwordless and answer any questions about user experience and security!
Supertokens made it easy to set up passwordless email and GitHub authentication. It's the best open-source authentication library that works end-to-end with Python.
Easy set-up and configuration, but the best thing is not those...
It's the confidence in what I deploy and what my users interact with since I control all the code/servers and don't have to redirect them off-site for authentication.
Agenta
SuperTokens Passwordless
SuperTokens Passwordless
SuperTokens Passwordless
Sales Sparrow by True Sparrow
SuperTokens Passwordless
Slackmin
SuperTokens Passwordless
SuperTokens Passwordless
eesel
SuperTokens Passwordless
SuperTokens Passwordless
AppLogger by PLG Works
SuperTokens Passwordless
SuperTokens Passwordless