Magic Links vs. Login Codes

Not all platforms and browsers support WebAuthn right now. Therefore it is important to understand the differences in our fallback options.

Magic Links

Magic links are one-time, unique links that are generated and used to log in to a website. They are essentially one-time passwords with the password built into the link that is clicked, rather than requiring the user to type anything in. When a user wants to log in, they enter their email or phone number and receive a message that contains a unique link. They click the link and are logged in directly in that session and in the browser session where they initiated the login.

Login Codes

Often called one-time passwords (OTPs), login codes are a very user friendly passwordless login option. When a user wants to log in, they enter their email or phone number and receive a message that contains a 6 digit code. They enter that code on their original session and are granted access to the application.

Login codes are typically short lived and can only be used once.

Login codes are especially great for applications that have a mobile-heavy user base, because most mobile platforms will autofill or auto-copy login codes directly from text and email messages. This means less context switching for your users.