Create Secure Way to Log Passwordless User In

Today Bubble limits user objects to use emails as the primary authentication method.

This is outdated, as top apps like Facebook/Instagram/TikTok/Twitter all use Phone Number as the primary authentication method and use one-time SMS codes to log people in.

Right now, Bubble doesn’t natively support letting a developer build a workflow for a user to signup with phone number (assigned a random password they never see) and then log them in later on after they successfully confirm their one-time SMS code.

The work around is to assign a temporary password to the user and then call the “log the user in” workflow using the result of the temporary password action, but that doesn’t seem very secure since it requires doing things in the frontend and also making the user email field searchable by logged out users (since the “Assign Temp Password” workflow takes in a user, not an email address).

Other ideas?

1 Like

I haven’t tested them personally, but there are Bubble plugins for passwordless authentication. Check this one and this one.

I wouldn’t exactly call email authentication “outdated” though. This is still by far the most common authentication method on the Internet.

Check out Auth0

You can try Secqure Passwordless Authentication for Bubble. Its easy to integrate with Email magic link/OTP and also provide global SMS OTP capabilities.

I build it using bubble. Very easy!


Can you help me with creating the SMS OTP verification login please?

hey, you can check our bubble document
The Authentication mode (Magic Link or OTP) you can setup in secqure dashboard.
I can able to help you in this in secure passwordless login forum.