PlusAuth supports passwordless authentication, which lets users log in without having to use a traditional password. The idea is to make things both more secure and easier for users by replacing passwords with other ways to authenticate. So, instead of a password, users verify their identity through a variety of methods.
Here's what PlusAuth currently supports for passwordless connections:
SMS (Short Message Service):
- Users get a one-time passcode (OTP) sent to their phone via SMS.
- They enter that code to log in.
- Pretty much everyone has a mobile phone, so this is a very accessible method.
Email:
- OTP (One-Time Passcode): Similar to SMS, but the OTP is sent to the user's email.
- Magic Link: Users get an email with a special link, and clicking it logs them in. This can be a really smooth way to log in.
Push Notification:
- Users get a login request sent as a push notification to their mobile device.
- They just tap to approve the login.
- This is both secure and pretty convenient for users.
WebAuthn:
- Users authenticate using things like biometrics or security keys.
- Biometrics can be things like fingerprint recognition (e.g., Face ID, Touch ID) or facial recognition.
- Security keys are physical devices that provide really strong authentication.
- WebAuthn is a modern and very secure standard for authentication.