In order to enhance the security of your account, Swan has replaced password logins with secure one-time passcodes that are emailed to you.
One-time passcodes are an industry-leading security standard that prevents unauthorized access to your account by hackers who may have obtained your password on another site.
Passwords are cumbersome and insecure
Passwords are difficult to remember, and many people do not bother using password managers to generate strong passwords. People commonly reuse passwords between websites and apps. This means that as soon as one of their apps or websites is hacked, the hackers can use the same password to log in to other sites.
The website https://haveibeenpwned.com/ tracks more than 10 billion user accounts that have been stolen across the web. If you’ve ever used one of those passwords on multiple sites, you can consider that your accounts have been compromised.
Gartner has predicted that by 2022, a majority of businesses will move to passwordless login. Swan is on the leading edge, joining companies such as Slack to implement a secure passwordless experience.
How is your account secured?
Swan accounts are secured with One Time Passcodes which you receive by email whenever you log in. Here’s how it works:
- We email you a magic link that is unique to your account, along with a One Time Passcode.
- You click the magic link to access a password entry form.
- You type the One Time Passcode into the login form to log in.
The One Time Passcode expires so that no one can use it in the future if they gain access to your email.
What are the benefits of passwordless login?
- You don’t have to remember your password.
- If your password is hacked on another site, it will not affect your Swan account.
- If a hacker tries to access your account, they will need access to your email to log in.
What happens if a hacker gets access to my email?
Passwordless login is no less secure than traditional login. If someone has access to your email account, they can use it to do a “forgot password” flow on any website that you use to gain access to the site.
Most people are comfortable with protecting their email account, intuitively understanding that it is an access point to all their other accounts, as well as to all the sensitive data they may have in their inbox.
We recommend that you protect your email account with 2FA (two-factor authentication, where you use an app like Authy or LastPass Authenticator to verify your logins). The links below illustrate how to set up 2FA for some of the most popular email accounts.
We also recommend using a Bitcoin auto-withdrawal plan on Swan to avoid having a large amount of bitcoin in custody at any time.
Where can I find out more?