Purpose
Passwordless authentication is designed to:
-
Reduce login friction for customers
-
Improve security by eliminating password handling
-
Remove the need for password creation, storage, and reset workflows
By removing passwords entirely from the login process, both usability and security are enhanced.
How Passwordless Authentication Works
When passwordless authentication is enabled:
-
Users enter their email address on the Marketplace login page
-
The system sends an email containing a secure, time-limited login link
-
Clicking the link authenticates the user and grants access to the Marketplace
-
No password is created, stored, or transmitted at any point
This approach relies on secure token-based authentication instead of traditional credentials.
Enabling Passwordless Authentication
Passwordless authentication is provided as a system feature. To activate this functionality, contact COS Support.
Impact on Existing Authentication Flows
With passwordless authentication enabled:
-
Password creation is no longer required
-
Password storage is no longer used
-
Password reset and recovery flows are no longer needed
This reduces system complexity while minimizing the risk associated with password-based access.
Security Considerations
Passwordless authentication improves security by:
-
Eliminating risks related to weak or reused passwords
-
Reducing exposure from credential leaks
-
Ensuring access is granted only through verified email ownership
Secure login links are generated and validated using existing security mechanisms to ensure safe access.
Summary
Passwordless authentication for the Marketplace provides a secure and user-friendly alternative to traditional login methods. Once enabled by COS Support, it simplifies customer access, reduces support overhead, and strengthens security by removing passwords entirely from the authentication process.