Passwordless Logins is a new way to lock down your WordPress site while making it easier for you to log in securely without ever entering a password. The creation of Passwordless Logins is an alternative to using a weak password and no form two-factor authentication. The goal is to increase adoption of 2fa and increase the security of their site without sacrificing usability.
We have been using passwords to secure things as long as there have been computers. However, passwords by themselves are not a good way of proving identity, and we can do better. All major tech companies are on a mission to kill passwords in today’s time. The Question is “Why?”
Password best practices has become a hassle to implement and most users are not comfortable adding an extra step to the login process, even if it is used for secure identification. When a choice is given, people have always chosen convenience over security. The reason why 90% of Gmail users don’t use two-factor authentication is that it adds an extra step in their already occupied schedule. Only 12% of people use a password manager because it adds another application for them to manage.
According to Google’s research, using Two-Factor will prevent 100% of bot attacks and 99% of bulk phishing attacks.
Passwordless login is both safe and simple, increasing the likelihood that the average person will secure their account. Passwordless logins lock down your accounts and are much easier to use than traditional credentials. Generally, you are habitual of using Passwordless methods like thumbprint or Face ID to open your phone lock. Important to know that a Passwordless login doesn’t essentially mean a password isn’t assigned to the user. The passwords are still saved for a user but you don’t need it to login just like a phone still requires you to set a password or a PIN, but you do not need to enter every time to unlock the phone.
The Passwordless Login method provided by WordPromise will email you with a “magic link,” or a link that will log you into WordPress with a click of a button. This way, the Passwordless login requires you to have access to the actual email account associated with the user, providing another easy to operate kind layer of security.