Passwordless login overview

pete

The Maven platform is moving to a passwordless authentication system

The Maven platform is moving to a passwordless authentication system, which will require all users to have an account that is associated with a verified email address.

In the near future, Maven will no longer support login via email address and password, or the Google/Facebook authentication options. Before that date, it’s important that all Maven users verify the email address they’ve registered with. Users will also have the opportunity to update an email address in the event they don’t have access to the original email they registered with anymore.

Why passwordless?

Passwords have become a less secure authentication method as online security breaches and phishing continue to increase. Additionally, with so many websites requiring a password that’s easy to remember but hard to guess, it’s become a burden for users to remember and manage their various passwords. The threat of a compromised password being used for multiple websites also makes the user more vulnerable from a security standpoint.

Passwordless login assures that the user logging in also has access to the email address on file and removes the burden of remembering passwords or constantly changing them.

How it works on Maven

Users can still login from the same places on the site:

  • The ‘Login’ link from the menu in the upper left corner
  • Invoking the ‘Follow’ button
  • Attempting to create a quick post
  • Attempting to comment on or Like a post

In each of those cases, users will be presented with a new login dialog that follows this flow:

  • Prompt to login by entering an email address
  • Six-digit code is sent to that inbox
  • Enter the code in the login dialog box
  • You will be logged in with a verified email address

Classic Login

‘Classic Login’ (using an email/password, Google or Facebook authentication) will remain on the new login dialog as a temporary bridge for users to verify their email address. Later in the summer, the classic options will be removed and Maven will communicate in advance of that.

​Upon logging in with any of the classic methods, you will be prompted to either verify the email address on file or change it (this option is mainly provided in the event that you no longer have access to the email address you registered with).

After choosing to change or verify, you will follow the same flow as above - take the six-digit code sent to your inbox and enter it in the Maven login modal for verification.

Example of updating email​

Example of verifying email on record

Comments (1)
No. 1-1
ben
ben

Thanks for the write up Pete