What is Passwordless Authentication?
With the increasing number of cyber-attacks on the classical password-based authentication method, passwordless authentication is becoming more and more popular. The authentication method is changed from something you know (the password) to something the user has (e.g., smartphone) or something the user is (e.g., fingerprint). There is no longer a need to remember a password.
Classic password-based authentication methods are not only vulnerable to cyberattacks but are also cumbersome for users. Everybody has lots of online services and app-logins to administer and it is very hard to remember all the necessary passwords. As a result, many users use the same login credentials for all their services, which makes one compromised password a catastrophe as now all logins are breached at once.
The passwordless authentication using a Magic Link requests login access by sending a message to the individual user's e-mail or SMS account and is confirmed by clicking an embedded link. Every time the users wants to access the system, the process is repeated. As the click of the link gives access to the application the link is called "Magic" link.
There are, of course, more passwordless authentication methods, such as the use of biometric factors. Engity offers those methods as well and we invite you to consider them as they may be very appropriate for certain use cases.