Product builders, how would you like your users to login to your app? With or without passwords?
Advait Ruia
37 replies
Passwordless could include methods like:
Magic links (sent on email or SMS)
OTPs (one time password)
With passwords is email + Password
Replies
Jay Mistry@jaymistry_st
Passwordless for sure, there are just so many sites out there, it is a huge hassle to remember passwords for all.
Share
SuperTokens Passwordless
Passwordless - without a doubt. Magic links and OTPs for the win!
I think Magic links sent on email are great, enter username and click on the link you get and you're good to go. No need to manage passwords, OTP sent via SMS are big hassle sometimes, you need to wait minutes for OTP to arrive if there's a problem with mobile service.
I feel via magic links that are sent on email is best and efficient way to login!
SuperTokens Passwordless
The convenience of Magic links (with email) is just great
For me it depends on the use-case:
For things I use once a month or less, passwordless for sure.
If I have to authenticate more often, I find having to switch apps and/or wait for delivery gets annoying really fast so I prefer passwords (and a password manager).
All that said, for higher security things I feel like we won't be able to ditch passwords as one of the factors. At least for a while :)
PixelBin.io
I definitely prefer passwordless. Its super convenient to login through OTPs and Magic link rather than struggling to remember the passwords.
I prefer passwordless, not having to remember passwords and the convenience of just having a code texted to the user seems so much more friction free
I'll always choose security before convenience. Therefore, for this one, I will preferably vote for the passwords.
I have following the development of Supertokens and live what has been do so far. Keen to use it in my next MVP (if possible). Quick Login + Hassle free experience for the end customer is a really good deal.
passwordless... any day...
A remote working solution.
Email links and OTPs are good authentication methods but neither are too reliable because they depend on the email provider and the cell connection. That's why I'd go with passwords plus email links for two-step authentication. Of course, social logins are really helpful because users don't have to enter theri credentials all the time.
I would prefer passwordless (maybe even thirdparty login). Having thirparty login can also remove the step of capturing the user info, so one less step for the user on-boarding process. If I want to make it more secure, I would add MFA.
Passwordless, for sure!
Slackmin
I am not sure how can we get rid of passwords as a concept because even if you embed magic link or OTP via emails, you still need to log in to Gmail/other email clients to access these authentication types.
WorkHub
Launching soon!
I prefer a Passwordless system but something other than Magic link or SMS because they also depend on other apps or services that need to be logged in.
SuperTokens Passwordless
Funny enough, I logged in to @producthunt today. I had forgot how I signed up here and tried logging in with gmail, it told me that I don't have gmail login for my user and it sent me a link to login. I clicked the link and here I am. Super smooth experience. This brings me to answer the question
* For most apps, I want passwordless because similar to PH login story today, I will forget password anyway and will reset the password.
* But in some case, passwords combined with 2FA make more sense e.g. banks. For most transactions, that is anyway requirement by RBI to have have at least two ways to authenticate user (something they can remember + something they own)
* Social login to me makes sense only when the app is dependent on some social data e.g. a twitter analytics app.
* In some cases, I think a combination of passwordless with password can be suitable where passwordless gives you access to some resources and then a combination of password+2FA gives you access to more sensitive resources
Sheetson
Passwordless with OTP reduced our failure rate more than 3 times
@ralphilius wow! did you build your own passwordless auth?
I am in favor of passwordless login, using the OTP or magic link is the need of the hour as the main focus around is to reduce the friction for the end users.