Secure Access w/o login beyond magic link?

Good day community.

How would you introduce a means for individuals to receive an email and get access to a secure page without entering their password?

The target audience for this enhancement is the elderly population, where login is a point of friction for many. They’d need access to a dynamic (non-standard) web form and it is entirely possible several emails to a unique form linked in each has piled up in their inbox.

I’ve considered sending a magic link but it expires in 24hrs and the emails could pile up with several links cancelling each other out.

I’ve considered a dynamic URL with temporary pwd but then I’ve reset their actual password, in the event they actually do use it. Also, again, the emails could pile up, many now with invalid temp passwords.

The best I can come up with is to force them through a magic URL process every single time, requiring them to bounce from email, to site, to email, and back to site in order to login every time. It doesn’t feel ideal for this persona.

Any recommendations/approaches I may not be considering?

Thanks!

Well that’s “magic link” now, isn’t it? So…

@keith Not sure if you are being funny, I misunderstand how magic link works (90% of the time the case ) or you didn’t read further as to why I am trying to rule it out as an option.

Can they last longer than 24hrs and can a user have multiple sitting in their inbox, all functional?

Thanks!

All I was saying is you are exactly describing how “magic link” works. So you either like that idea or not.

In terms of old people piling up a bunch of emails, I have no opinion. Obviously you can test it, eh?

Nope.

To the best of my knowledge, one magic link does not negate another… they just expire when they expire. To Keith’s point, though, that would be pretty easy to test.

I suggested to them that they add a duration field for both the login and magic login actions

This topic was automatically closed after 70 days. New replies are no longer allowed.