Version 1.5 of Client Power Tools contains a major change: passwordless login. That means your clients don’t need to remember a username and password! All they need is their email account, which they enter into the login form to receive a one-time-use code that expires after 10 minutes. If they enter the correct code, they will be logged in.
Here is what the new login modal looks like on my test site:
Why Passwordless?
Look, passwords suck. If clients have to create a new password in order to access their client dashboard, many will drag their feet—perhaps forever. And because it is impossible to remember hundreds of passwords, most people either use easy-to-remember (and easy to crack) passwords, or use the same password for multiple accounts. Password managers exist, but they aren’t widely used and even the best are clunky.
And since people are always forgetting their passwords, you have to be able to reset your password, which you can do by sending a special link or temporary password to your email address. In fact I’ve known people who never bother to record their passwords. They just reset their password every time they need to get into an account.
Passwordless login just shortcuts this process. It is much more convenient but no less secure.
Clients who would rather use a password still can. But when you create a new client they will be able to log in immediately using their email. No need to “activate” their account or set a password.
You don’t need to do anything but update Client Power Tools to enable the new passwordless authentication feature. But you might want to check your new-client welcome email settings to ensure they still make sense. For example, the default subject line used to be “Your client account has been created! Please set your password.” If you haven’t changed it, you might want to delete that second part now.
If you have questions or concerns, use the comments below.
And as always, I would love your feedback! Let me know what you think about Client Power Tools or tell me how you are using it on Twitter, where I’m @samglover, or leave a review on WordPress.org. And you have a problem and you can’t find an answer in the documentation, try the support forum.