Campus is now more secure – Magic link authentication

At ivicos we put a lot of value on the security of our users, and one of the most common points of access in data breaches is the password. Since humans cannot remember unique strong passwords for every website they use, passwords are usually reused for many accounts or written in insecure places, and that represents a security risk.

There are many methods hackers use to steal or guess passwords, including brute force attacks, phishing emails or texts, keylogging, or credential stuffing.

A good way to eliminate the risk of getting an user’s password stolen or guessed is by using a passwordless authentication method. This is why now you can login into ivCAMPUS by using magic links.

Before understanding the magic behind the magic links, we need to understand what passwordless authentication is.

What is passwordless authentication?

Passwordless authentication is a method of verifying a user's identity without using passwords. Instead, the user provides some other form of evidence such as accessing a magic link.

This method provides immediate protection against the most dangerous and common cyberattacks. Users are also protected from scam emails and text messages that attempt to steal their passwords, since there’s no password to be stolen.

What are magic links?

Magic links are a passwordless authentication method that allows users to login by clicking a single-use link they receive in email.

The process works like 1-2-3.

1. You enter your email and hit login.
2. You click the magic link you receive in your inbox.
3. You’re authenticated.

That’s it. Now you’re logged in, like magic.

Magic links work in a similar way to what happens when a user clicks the “Forgot password?” button. But instead of getting a prompt to reset their password, they are authenticated when they click the link.

How is a magic link more secure?

1. No more passwords

The most important protection a magic link authentication provides is the lack of passwords.

Since only the person with the access to the main email account can login, the only concern remains keeping the email account secure, which is a constant focus anyway. Having less passwords to worry about is a step forward in increased cyber security.

2. Magic links only work once

A magic link expires after it’s used or after 15 minutes, eliminating any risk of a security breach if a third-party tries to use them. And they’re really simple to use.

What do I have to do to implement magic links?

Nothing.

Magic links are automatically applied to all Campus users, new or existing, starting with 8 December 2022. If you are an existing Campus member, you can login with the help of magic links after this date.

Magic links are becoming a global trend

According to a market analysis report, the global passwordless authentication market size is expected to grow at a compound annual growth rate (CAGR) of 18.2% from 2022 to 2030, being valued at  USD 12.26 billion in 2021. (Source)

Companies such as Slack, Crystallize, and Medium have already implemented magic links for their users. This trend is only expected to grow as companies focus on adopting the latest cybersecurity techniques.

‍

If you have any questions regarding magic links, don't hesitate to contact us.