Posted on 10 Mar '22

Improving Customer Security with Passwordless Magic

With tech giants Google and Microsoft championing the advantages of passwordless login, we’ve started to look at how we can improve our processes to make it easier and safer for you to use our platforms.

We’ve all been there… you’ve cleared your cache or come back from a holiday, you’ve gone to log into something and you have a complete blank on what your password is. You’ve then had to go through the annoying process of resetting and then (if you’re like me) actually remembering your password but still being forced to change it.

Not only is this frustrating and time-consuming, it also makes your data vulnerable as passwords can be hacked by people with the right technology and time.

Passwordless logins are becoming more mainstream both in business and our personal lives. I was asked to provide my thumbprint to log into my new laptop, which surprised me initially, and I was sceptical about doing it but then I realised I’d already done this for my phone and actually it would give me extra security.

Now, we’re not looking at asking for your biometrics, but to help improve our security and keep you safe, we’re looking at other options to launch a passwordless login process.

What is the magic passwordless solution?

The main technique we’re considering for our passwordless future is using ‘magic links’. This is where you click a personalised link (or receive a code) in your email to access your account. With this method, if you don’t have access to your email account for some reason, then you could request a login code to be sent to your phone. You may have already come across this when you’ve accessed our Pulse, webinars or Masters Compass system, or in your personal life with Google or Microsoft accounts.

How is this going to benefit you?

#1 No more password resets

You read that right… no more racking your brain, cursing clearing your cache or trying to remember the name of your first pet and the year it was born, and whether you used a question or exclamation mark. Just type in your email and get ready for the code / link.

#2 Unique security

Without passwords, there’s nothing for hackers to hack. Magic links use temporary, unique links or codes so there’s limited danger in them being hackable as they won’t have been used for other websites or shared with colleagues.

#3 One account to rule them all

Magic links would mean that we could combine the logins for our FindAMasters and FindAPhD customer admin systems, as well as Compass, Pulse (for audience insights) and our webinars. This means that everything would be in once place, so you wouldn’t have to remember login details for multiple systems.

#4 Protecting you from the big bad world

With magic links, because you’re not providing a password, any external data breaches on third party systems, such as the recent ones on Facebook and Twitter, won’t affect your data security on our site.

What are the next steps?

We’re really excited about this project and are currently scoping out how it could work, but we’d love to hear your feedback. If you’re excited for the magic of passwordless that’s great, let us know! And if you have other ideas or think we’ve missed a trick then we want to know too! Send an email to Colette White [email protected] and we’ll make sure that all suggestions are considered in the conversations.

We’re aiming to get this rolled out to everyone in the next few months so keep your eyes peeled for the launch!

FindAUniversity take pride in being experts in postgraduate education. Follow us on LinkedIn and Twitter for regular insight, comment and case studies.