Passwordless login (passwordless authentication) is simple, secure, and uses email to identify you.
You'll receive an email with a link containing a token. Click on the link, and you'll be logged in.

• The link with the token remains valid for 1 hour.
• It works on computers, tablets, and mobile phones.
• The next time, you'll follow the same process.

While username + password is currently the most familiar method of logging in, it's certainly not the gold standard. Unfortunately, humans aren't designed to remember and use different secure passwords for all our 100+ accounts.

Passwordless authentication is becoming an increasingly important system for logging in. Users are connected to more devices and have more accounts than ever, making the passwordless approach even more convenient. This makes passwordless a clear winner.

Is it Secure?

Not only is passwordless authentication safe to use, it might even be safer than a traditional username + password login. By now, it's quite clear: we reuse the same passwords again and again and again. And who creates a unique and complex password for every website? Who changes their password regularly?

Passwordless authentication eliminates the issue of using an insecure password.

One skeptical point about passwordless authentication is the use of email for logging in. And that this email could be insecure and susceptible to abuse. This is a legitimate concern, but a compromised email account could also be used to "reset" a password, making this concern no greater than a username + password login.

Since the link is usable for a short time only, this provides additional protection.

Token

The passwordless authentication method verifies a user's identity using their email address and a complex encrypted token.

Here's how it works: users click to log in. An email message is generated with an encrypted token or key code. Clicking the link in the email compares the user's identity and email address with the website's data, granting them access (or denying it).