Menu
iThemes
WordPress Backup, Security & Maintenance
  • Products
    • iThemes Security Pro
    • BackupBuddy
    • Kadence WP
    • Restrict Content Pro
    • iThemes Sync
    • Why buy from iThemes?
  • Bundles
    • Essentials Bundle
    • Plugin Suite
    • WordPress Web Designer’s Toolkit
    • Customer Spotlights
  • Resources
    • Blog
    • WordPress 101 Tutorials
    • WordPress Ebooks
    • Weekly WordPress Vulnerability Report
    • The Ultimate Guide to Starting a Web Design Business
  • Training
    • Upcoming Webinars
    • Free Webinar Library
    • Premium Courses
    • Become a Member
    • Member Login
  • Support
    • Documentation
    • Get Help
    • Product Updates
    • Upgrade Policy
    • Contact
    • Our Mission: Make People’s Lives Awesome
  • Log In
WordPress News and Updates from iThemes
Categories
  • Product Updates
  • WordPress Backup
  • WordPress Block Editor
  • WordPress Ecommerce
  • WordPress for Freelancers
  • WordPress Security
  • WordPress Tutorials
  • WPprosper

iThemes Security Pro Feature Spotlight: Passwordless Login

Written by Michael Moore on July 1, 2020

Last Updated on February 21, 2022

In the Feature Spotlight posts, we are going to highlight a feature in iThemes Security Pro and share a bit about why we developed the feature, who the feature is for, and how to use the feature.

Today we are going to cover Passwordless Logins, a new way to verify a user’s identity without requiring a password to login.

In This Article
  • What are Passwordless Logins?
  • Why Use Passwordless Logins?
  • Why We Developed Passwordless Logins for WordPress
  • 3 Reasons to Use Passwordless Logins
  • How to Use Passwordless Logins
  • Wrapping Up: Get iThemes Security Pro Today!

What are Passwordless Logins?

Passwordless login is a new way to verify a user’s identity without actually requiring a password to login. We took the idea of the Magic Links and evolved it into a new login method that allows you to require users to use strong passwords and two-factor authentication without ever entering a password or an extra authentication code.

Why Use Passwordless Logins?

By definition, every security measure is designed to decrease the convenience of whatever is receiving the added security. For added security, the front door of my house has a lock on it. The lock requires the extra step of using a key to unlock the door before it opens. Adding the extra step to enter my home is probably a good idea even though it would be easier without a lock.

The same goes for your online accounts. Using a strong, unique password and two-factor authentication will protect you from 100% of brute force attacks. Unfortunately, there are still many people reusing their same weak password and not using any form of two-factor.

Those of us in the security community often have a hard time understanding why it was so hard to convince people to sacrifice a little convenience to gain a huge amount of security. We don’t even think about having a unique lock for each physical door we enter–I have a key for my car, wife’s car, house, office, and mailbox–so, why does using a unique password on our virtual door seems so inconvenient?

Why We Developed Passwordless Logins for WordPress

We in the security community have started to realize that we have always made security more confusing than it needs to be. Once you have a key for a physical door, you are done. However, with password security, we have made a bunch of rules that can be overwhelming. To make matters worse, it doesn’t seem like we can agree on what the rules for creating a strong password should be.

Whether we in the security community want to admit it or not, using a password manager and two-factor authentication can be a pain and time-consuming, especially as we move more and more of our lives online.

So we wanted to create a way for people to get all of the security that a strong and unique password provides without sacrificing the usability.

3 Reasons to Use Passwordless Logins

For all these reasons and more, Passwordless Logins make securing your WordPress site even easier.

  1. Adds more brute force protection by bypassing the normal WordPress login method.
  2. Allows users to login to your website directly from a link sent securely to their email address.
  3. Helps reduce login friction by removing the need for complicated passwords or two-factor codes while maintaining a high level of security.

How to Use Passwordless Logins

To get started using Passwordless Logins, navigate to the security settings’ Features menu and enable the Passwordless Login.

After enabling Passwordless Login click the cogwheel to manage the settings.

Click the User Groups links to select which users can use the login method and bypass two-factor when using the method.

Now that you have enabled Passwordless Logins, you can enforce strong passwords and two-factor requirements without negatively impacting the experience for the users on your site.

Get the bonus content: Getting Started with Passwordless Logins
Download now

How the Passwordless Login Method Works

When logging in you will be asked to choose a login method. Click the Email Magic Link button to send the email containing the passwordless login link.

Email Magic Link

You will now see a message confirming the email has been sent.

Passwordless Login Check Email

In your email inbox, open the Magic Link email and the Login Now button.

Passwordless Login Email

And that is it, no entering of a password or two-factor token. This means that once you enable Passowordless Login, you don’t have to know your complicated password or copy and paste an extra code to login. However, those bad guys trying to brute force your site will have a 0% success rate.

Wrapping Up: Get iThemes Security Pro Today!

As you can see, Passwordless Logins in iThemes Security Pro can add a strong layer of security to your site without any added inconvenience.

Get iThemes Security Pro now

Share via:

  • Facebook
  • Twitter
  • LinkedIn
  • More
Other related posts
WordPress vulnerability report
WordPress Vulnerability Report – June 22, 2022
what-is-a-pharma-hack
What is a WordPress Pharma Hack?
wordpress vulnerability report
WordPress Vulnerability Report – June 15, 2022
clean-up-hacked-wordpress-site
How to Clean a Hacked WordPress Site

Comments

  1. ?WordPress Vulnerability Report: September 2021, Part 2 • Softbranchdevelopers says:
    September 8, 2021 at 9:52 am

    […] Magic login links […]

    Reply

Respond

Click here to cancel reply.

Get updates on new themes & plugins plus special discounts

About iThemes

  • The Team
  • Contact Us
  • Website Accessibility Statement
  • Sitemap

Resources

  • Blog
  • Documentation
  • WordPress Tutorials
  • Free WordPress Ebooks
  • Free Webinar Library
  • Free Upcoming Webinars
  • iThemes Training
  • Affiliates

Customers

  • Member Panel Login
  • Support
  • FAQs
  • Upgrade Policy
  • Licensing
  • Terms and Conditions
  • Refund Policy

Top Products

  • BackupBuddy
  • iThemes Security Pro
  • iThemes Sync
  • Restrict Content Pro
  • WPComplete
  • WordPress Hosting
  • WordPress Plugins
  • Content Upgrades
  • WordPress Landing Page Plugin
  • BackupBuddy Stash

iThemes Media LLC Copyright © 2022 All rights reserved | Privacy Policy

© 2022 All Rights Reserved.

Share via
Facebook
Twitter
LinkedIn
Mix
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap

Get the Ebook: Getting Started with Passwordless Logins

Learn more about how to get started with passwordless login for your WordPress website, a new way to simplify the login process with extra security.

  • The passwordless future
  • Different methods of passwordless login
  • Adding passwordless login to your WordPress website
  • How the passwordless login method works
No spam. Unsubscribe anytime.