Logo / Docs

Passwordless Login Overview

Play

Passwordless authentication refers to any method where users do not need to provide a password to authenticate.

These methods have user interface benefits and can help decrease friction for users looking to log in. No more passwords to remember, or, worse, to forget.

Instead of asking your users to remember a password, you can use magic links or one-time passwords (OTP). This authentication method sends an email or message to the user that allows them to log in without entering a password.

Possession of the message proves the user's identity and authenticates them. This method uses either a clickable link (aka a magic link) or a delivered one-time password (OTP), like 000000.

This method works well when you:

  • have a way to message your users, such as an email address, phone number, or Facebook account
  • want to minimize login friction

Learn more about magic links or how to implement magic links with FusionAuth.

WebAuthn and Passkeys#

Instead of forcing users to remember a password, with WebAuthn passkeys, they can use strong biometric means of authentication. Using a standard protocol called WebAuthn, web and mobile applications can leverage devices such as phones or YubiKeys to authenticate a user.

This method works well when you:

  • know your users use WebAuthn capable browsers
  • want to allow for secure, phishing resistant authentication
  • want to minimize login friction

Learn more about WebAuthn passkeys or how to implement WebAuthn passkeys with FusionAuth.