Say goodbye to the hassle of remembering passwords and hello to seamless access. With passwordless login, everyone can easily and securely log in to your site with minimal friction. There are different ways to set it up, but you can give people the option of either a traditional login or a passwordless login, as pictured below. After clicking “Sign in with Email or Phone” the person is prompted for an email address or phone number. Rock recognizes which one is provided. In this case, Alisha will receive an email because she provided her email address. The email will have instructions and a button to Continue. All she needs to do is click the button to log in. If the person provides a phone number, they’ll get a text message with a code that they’ll need to enter to complete the sign in process. If more than one person shares the same email address, which happens often with families, the person will be prompted to indicate who they are. Configuring Passwordless Login Passwordless login relies on emails and SMS text messaging. If you’re not set up to send and receive communications in Rock, check out the Communication Guide before proceeding. NoteObsidian BlocksYou’ll need the Obsidian version of the Login and Account Entry blocks to use passwordless login. See our Websites guide for details on adding blocks to pages. System Communication When a person provides their phone number or email address for passwordless login they’ll get a response in the same medium. One of the first steps is to provide the SMS number from which that communication will be sent under Admin Tools > Settings > System Communications. Edit the Passwordless Login Confirmation system communication and, under the SMS panel, select your phone number. NoteTwilio ShortcodesKeep in mind that, by default, Twilio 10-digit numbers cannot receive SMS messages from short code numbers. So, you can't use a Twilio long code phone number for passwordless login if the message is coming from a short code number based on your configuration above. Login Block The Login block is where the person will go to log in. Here is where you’ll turn on passwordless logins, by opening the settings for the Login block and enabling Passwordless Authentication. Secondary Authentication Types - Enable “Passwordless Authentication” to make this option available.Show Internal Database Login - If you want to use passwordless login exclusively, then you can hide the normal login method.Default Login Method - Rather than clicking to get to it, you can make passwordless login the default option. In that case, people can still use a username and password, but they’ll need to click a button to get there Passwordless Login Security Settings Rock ships with the recommended security settings. You may want to familiarize yourself with how they apply to passwordless login. Passwordless Sign-In Daily IP Throttle - Limits how many times the same IP address can use passwordless login in a single day. While most people won’t log in 1,000 times per day, this acts as a safeguard against certain automated attacks.Passwordless Session Duration - The length of time a passwordless session remains active after login. Once this time has elapsed, the user must authenticate again.Disable Passwordless Sign-In for the Following Protection Profiles - Prevents passwordless login for selected protection profiles. Users with access to sensitive areas should be required to use a password for added security.Message for Disabled Passwordless Sign-In - The message displayed when a passwordless sign-in attempt fails because the user’s protection profile does not allow passwordless login.Passwordless Confirmation Communication Template - Specifies the Communication Template used to confirm a passwordless login. Rock includes a default template named Passwordless Login Confirmation.Reject Authentication Cookies Issued Before - If a date and time are entered here, any authentication cookies issued before that moment will be rejected. Account Entry Block The Obsidian version of the Account Entry block has a couple of settings related to passwordless login that you probably won’t need to change but should be aware of. Confirm Caption (Passwordless) - This is the message that the person will see if they need to confirm their email address.Confirm Account (Passwordless) - This is the system communication that will be sent when the person needs to confirm their account. The email contains a code that they’ll use to verify access to the email address.