By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
459,978 Members | 1,831 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 459,978 IT Pros & Developers. It's quick & easy.

Passwordless authentication with a twist

P: 1
Most of us think of magic links when we hear "passwordless", but I'm trying out a different approach. What if we require our users to SEND an email for authenticating?

I've been experimenting with this idea recently and actually got around to building a prototype. This system will work as a SaaS (similar to Auth0) aimed at developers to implement authetication in their sites/apps.

The concept is pretty simple. Use mailto HTML links to open the default email app prefilled with a generated auth code. User then taps send, waits for the email to be processed and he's in.

There are some pretty cool benefits to this method:

- user doesn't have to type in not even their email addresses (infered from the received email)

- most email clients also send firstname/lastname with the email address, so signing up to a website that requires email, firsname, and lastname simplified

Spoof protection is done via email DKIM.

Here's a gif with how this works:

[Imgur](https://i.imgur.com/RhgsNzD.gifv)

If you want to try it out for yourselves, here's the website

https://nova-authenticator.com/

What do you guys think? Is this something that could catch on? Is it a viable alternative to existing systems?
Apr 16 '20 #1
Share this question for a faster answer!
Share on Google+

Post your reply

Sign in to post your reply or Sign up for a free account.