Hi @richb201 ,
Are you asking what the security implications are for not using passwords at all?
That's hard to give general guidance on, as that depends on how good users are at keeping their email accounts safe.
In general it's going to be pretty good because people tend to care more about their email accounts and pay more attention to them than some random account they signed up for 6 months ago and haven't checked since.
Also in favor of this is the fact that the passwordless codes are time limited (configurable in the tenant).
But, as I'm sure you can understand, I can't do a thorough security analysis because I don't know the full details of your scenario.