472,096 Members | 2,290 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 472,096 software developers and data experts.

Passwordless authentication with a twist

Most of us think of magic links when we hear "passwordless", but I'm trying out a different approach. What if we require our users to SEND an email for authenticating?

I've been experimenting with this idea recently and actually got around to building a prototype. This system will work as a SaaS (similar to Auth0) aimed at developers to implement authetication in their sites/apps.

The concept is pretty simple. Use mailto HTML links to open the default email app prefilled with a generated auth code. User then taps send, waits for the email to be processed and he's in.

There are some pretty cool benefits to this method:

- user doesn't have to type in not even their email addresses (infered from the received email)

- most email clients also send firstname/lastname with the email address, so signing up to a website that requires email, firsname, and lastname simplified

Spoof protection is done via email DKIM.

Here's a gif with how this works:


If you want to try it out for yourselves, here's the website


What do you guys think? Is this something that could catch on? Is it a viable alternative to existing systems?
Apr 16 '20 #1
0 2763

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

7 posts views Thread by Michael Foord | last post: by
8 posts views Thread by Bob Everland | last post: by
9 posts views Thread by Tom B | last post: by
reply views Thread by Anonieko Ramos | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.