The end of passwords is near, maybe within the next 10 years we might see people completely ditching passwords and adopting a new method. But using magic links is not the best way for a passwordless future. Let’s look at a user trying to login.
- First they open a tab and type your website.
- They enter their email address.
- They are given a popup or notification that a magic link has been sent.
- Open another tab.
- Open your email service, enter email address and password and login to your email account.
- Find and open the email containing the magic link in a bunch of unread emails, in an email account full or unread and junk mail filled email it’s a nightmare.
- Then click the magic link which will open another tab that will log you into that service.
That’s just too much friction/pain for a user to go through just to login to a website. Getting users aboard should be frictionless a possible.
A better alternative is social login. Like using Facebook, Twitter or Google account to login to a serve. One click of a button and you’re logged in. With minimum fiction. A push notification is also better when a user taps on a push notification on their mobile device they will be logged in (I’m not yet sure on how to fully implement something like this).
And when it comes to young people they use emails even less.
I think in future it will be something biometric to login to a service, maybe retina, maybe some sort of an implant in the body that is unique depending on the individual like DNA.