Mathieu Dhondt

Do users like passwordless logins?

I don't ask for customer information if there's no real need.

When all kanochart had were free surveys, there was no need to ask for email addresses, let alone have users create an account.

So when I was implementing paid surveys, I did some research to find alternatives to sign-up forms. I didn't want users to have to set a password or sign up with social accounts.

One way is passwordless login. All you need to give is your email address, and you get a link with a unique login token. You click the link and you're logged in, ready to access your account.

I implemented the feature using flask-security. Although the docs say the feature is experimental, everything works fine.

From my perspective, passwordless logins are great. I am wondering, however, whether users actually like them.

Do any of you have experience with passwordless logins and whether users like them?

Thanks in advance!

Top comments (5)

ohffs

I'm in an unusual position on this - 90% of my users are internal to the organisation and are 'programmed' to use their corporate username & password to log into systems.

But some systems allow for external logins - and for those I go with passwordless logins as it cuts down on password problems at our end, and reduces the amount of info admin users need to provide when creating an external account. The external users seem to like it as it's one less thing they need to remember - the 'inconvenience' aspect of having to then check their email doesn't seem to come up - I guess they are all email junkies so check their email all the time anyway.

Mathieu Dhondt • Edited

Thanks! As you are working in what seems to be a corporate environment, are there any security risks with passwordless logins you (have to) take into account?

ohffs

We thought about it a bit - the main one is that if someone's email is hacked then they can get in without the "second factor" of a password - but given previously our admins were in the habit of emailing their passwords in plain text when someone forgot them, it seemed like an improvement ;-)

mklarmann

Well. We have had password-less logins for 2 years already at app.eaternity.ch - usually we have a bit more overhead, because one in five people keep asking how to log in, on their second login. We basically implemented it when Basecamp also went this way. But they seem to have gone back to standard login/password combinations. Because, I guess, for most users this is more convenient. It might not be as secure, but convenience is king for business.

So I don't know how to go about this. I would be open to Apple/Google type of login buttons, but I do not feel good about asking people for passwords that they might use everywhere or that are really insecure.

Mathieu Dhondt • Edited

Thanks for your comment. I'll have a look around at why Basecamp went back to the login/password combo.

Coincidentally, I had a talk with several of my users this morning. I noticed they went back to a previous mail to log in. (I didn't set an expiration date on the unique login link).

So they did not use the login button after the first time. When asked why, it turned out they found it easier that way (no need to re-enter their email addresses) and also their ISP is slow in delivering email (all emails always take over a minute to arrive).

Passwordless logins may seem easier on the user at first sight, but like you, now I'm not so sure anymore.

(By the way, we agreed to put login/password-based login on the roadmap, but not at a very high priority)
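The emailed login link from the post, with the expiry that the last comment says was left out, as an added example that is not part of the thread and is not Flask-Security's own code. It uses only the Python standard library; `SECRET_KEY`, the 15-minute `MAX_AGE`, the in-memory `_used_nonces` set and the function names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import secrets
import time

SECRET_KEY = secrets.token_bytes(32)  # assumption: per-deployment server secret
MAX_AGE = 15 * 60                     # assumption: link lifetime in seconds
_used_nonces = set()                  # assumption: in-memory; a shared store in production


def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _sign(payload):
    return _b64(hmac.new(SECRET_KEY, payload.encode(), hashlib.sha256).digest())


def issue_token(email, now=None):
    """Build the token that goes into the emailed login link."""
    issued = int(time.time() if now is None else now)
    payload = f"{_b64(email.encode())}.{issued}.{secrets.token_urlsafe(16)}"
    return f"{payload}.{_sign(payload)}"


def verify_token(token, now=None):
    """Return the email if the token is authentic, fresh and unused, else None."""
    now = time.time() if now is None else now
    try:
        payload, sig = token.rsplit(".", 1)
        email_b64, issued, nonce = payload.split(".")
        if not hmac.compare_digest(sig.encode(), _sign(payload).encode()):
            return None  # forged or altered link
        issued_at = int(issued)
        padded = email_b64 + "=" * (-len(email_b64) % 4)
        email = base64.urlsafe_b64decode(padded).decode()
    except ValueError:  # wrong shape, bad base64, bad integer, bad UTF-8
        return None
    if not 0 <= now - issued_at <= MAX_AGE:
        return None  # an old email link no longer logs anyone in
    if nonce in _used_nonces:
        return None  # each link works once
    _used_nonces.add(nonce)
    return email
```

With mail that takes over a minute to arrive, as reported above, the lifetime has to stay comfortably longer than the delivery delay.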