• nailingjello
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    8 months ago

    How do magic links work?

    Magic links offer a secure and intuitive authentication method by sending users a unique link via email. Upon clicking the link, users are redirected to the application’s endpoint for token verification and sign-in, eliminating the need for passwords.

    Am I missing something? So if someone hacks my email they now have access to all of my accounts? No thanks.

    • waratchess@lemm.ee
      link
      fedilink
      English
      arrow-up
      10
      ·
      8 months ago

      If someone hacks your email you’re already fucked, since for most accounts all that’s required to do a password reset is having email access.

    • subtext@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      8 months ago

      This is a API for Bitwarden Passwordless.dev, not for the Bitwarden password manager.

      E:

      Is this offering a part of Bitwarden Password Manager?

      The API is available to customers using Bitwarden Passwordless.dev, a separate product.

    • Daxtron2@startrek.website
      link
      fedilink
      English
      arrow-up
      3
      ·
      8 months ago

      Plenty of auth implementations that do stuff like this already, and like the other person said, if your email is compromised, you’re already fucked.