Product builders, how would you like your users to login to your app? With or without passwords?
Advait Ruia
36 replies
Passwordless could include methods like:
Magic links (sent on email or SMS)
OTPs (one time password)
With passwords is email + Password
Replies
Raj @ Vault Vision@rajnijjer
Vault Vision
@advaitruia, look into passkey technology and how it has enabled passwordless logins with faceid, fingerprint and pin type patterns on all devices. We supported this at Vault Vision and it's been a great rollout so far!
Share
Slackmin
I am not sure how can we get rid of passwords as a concept because even if you embed magic link or OTP via emails, you still need to log in to Gmail/other email clients to access these authentication types.
Sheetson
Passwordless with OTP reduced our failure rate more than 3 times
@ralphilius wow! did you build your own passwordless auth?
Sheetson
SuperTokens Passwordless
Funny enough, I logged in to @producthunt today. I had forgot how I signed up here and tried logging in with gmail, it told me that I don't have gmail login for my user and it sent me a link to login. I clicked the link and here I am. Super smooth experience. This brings me to answer the question
* For most apps, I want passwordless because similar to PH login story today, I will forget password anyway and will reset the password.
* But in some case, passwords combined with 2FA make more sense e.g. banks. For most transactions, that is anyway requirement by RBI to have have at least two ways to authenticate user (something they can remember + something they own)
* Social login to me makes sense only when the app is dependent on some social data e.g. a twitter analytics app.
* In some cases, I think a combination of passwordless with password can be suitable where passwordless gives you access to some resources and then a combination of password+2FA gives you access to more sensitive resources
I'm good with them using third-party identity services like Google, Okta, etc.
I feel via magic links that are sent on email is best and efficient way to login!
MojoAuth
I would prefer passwordless. Rather than struggling to remember the passwords, it's too convenient to login through OTPs and Magic link. This removes all the friction caused by passwords and enhances user experience and adoption.
We've built https://www.producthunt.com/prod... to remove passwords from the internet. It only takes few minutes to add a few lines of code and your authentication is live.
SuperTokens Passwordless
Passwordless - without a doubt. Magic links and OTPs for the win!
I prefer passwordless, not having to remember passwords and the convenience of just having a code texted to the user seems so much more friction free
SuperTokens Passwordless
@nemi_shah 100%
@nemi_shah @puneet_acharya I agree. Passwordless is the future! :D
MojoAuth
I prefer Magic links via email or OTP via Email.
Once due to traveling I was not able to access my phone number and SMS but the internet was there at Airport and I got access to my account using Email OTP and Magic link.
With passwords, hands down.
A remote working solution.
Email links and OTPs are good authentication methods but neither are too reliable because they depend on the email provider and the cell connection. That's why I'd go with passwords plus email links for two-step authentication. Of course, social logins are really helpful because users don't have to enter theri credentials all the time.
SuperTokens Passwordless
The convenience of Magic links (with email) is just great
I didn't realize this but https://www.gripinvest.in/ does this & honestly I have never faced issues with logging in & their UX is very crisp.
WorkHub
I prefer a Passwordless system but something other than Magic link or SMS because they also depend on other apps or services that need to be logged in.
I am in favor of passwordless login, using the OTP or magic link is the need of the hour as the main focus around is to reduce the friction for the end users.
I think Magic links sent on email are great, enter username and click on the link you get and you're good to go. No need to manage passwords, OTP sent via SMS are big hassle sometimes, you need to wait minutes for OTP to arrive if there's a problem with mobile service.
@nevilbutani makes sense
I would prefer passwordless (maybe even thirdparty login). Having thirparty login can also remove the step of capturing the user info, so one less step for the user on-boarding process. If I want to make it more secure, I would add MFA.
@bhumil_sarvaiya Makes sense
For me it depends on the use-case:
For things I use once a month or less, passwordless for sure.
If I have to authenticate more often, I find having to switch apps and/or wait for delivery gets annoying really fast so I prefer passwords (and a password manager).
All that said, for higher security things I feel like we won't be able to ditch passwords as one of the factors. At least for a while :)
SuperTokens Passwordless
@mihaly_lengyel I agree. Ditching passwords forever will take some time :)