To enhance the security of your account, Swan replaced username and password logins with secure one-time passcodes that are emailed to you.
One-time passcodes are an industry-leading security standard that prevents unauthorized access to your account by hackers who may have obtained your password on another site.
Passwords are cumbersome and insecure
Passwords are difficult to remember, and many people do not bother using password managers to generate strong passwords. People commonly reuse passwords between websites and apps. This means that as soon as one of their apps or websites is hacked, the hackers can use the same password to log in to other sites.
This website tracks more than 10 billion user accounts that have been stolen across the web. If you’ve ever used one of those passwords on multiple sites, you should assume that your accounts have been compromised.
Gartner has predicted that a majority of businesses will move to passwordless login. Swan is on the leading edge, joining companies such as Slack to implement a secure passwordless experience.
How is your Swan account secured?
Swan accounts are secured with One Time Passcodes which you receive by email whenever you log in. Here’s how it works:
- We email you a magic link that is unique to your account, along with a One Time Passcode.
- You click the magic link to access a password entry form.
- You type the One Time Passcode into the login form to log in.
The One Time Passcode expires so that no one can use it in the future if they gain access to your email.
What are the benefits of passwordless login?
- You don’t have to remember your password.
- If your password is hacked on another site, it will not affect your Swan account.
- If a hacker tries to access your account, they will need access to your email to log in (as well as access to your 2FA if you have that enabled).
What happens if a hacker gets access to my email?
Passwordless login is not less secure than traditional login. Remember, if someone has access to your email account, they can use it to do a “forgot password” flow on any website that you use to gain access to the site. To protect yourself from this threat, you can add two-factor authentication to your Swan account.
We recommend you protect your email account with Two Factor Authentication
Two-factor authentication, where you use an app like Google Authenticator to verify your logins, is a good way to get additional security for your account. The links below illustrate how to set up 2FA for some of the most popular email accounts.
We also recommend using a Bitcoin auto-withdrawal plan on Swan to avoid having a large amount of bitcoin in custody at any time.
Where can I find out more about passwordless login?
- Gartner: Embrace a Passwordless Approach to Improve Security
- Auth0: Is Passwordless Authentication More Secure Than Passwords?