Ask A Question

Notifications

You’re not receiving notifications from this thread.

Magic Link Authentication with generates_token_for in Rails 7.1 Discussion

Discussion for Magic Link Authentication with generates_token_for in Rails 7.1
beshoy23 beshoy23

is magic link login considered secure ?
can it be used for a production website reliably ?
Thanks

Reply
Chris Oliver Chris Oliver

As long as the tokens expire, are one-time use, and the user's email isn't compromised it should be fine. You'll still want to support 2FA through another mechanism for more security.

I much prefer email/password login so I can use a password manager.

Reply
Join the discussion
Create an account Log in

Want to stay up-to-date with Ruby on Rails?

Join 78,890+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.

    Screencast tutorials to help you learn Ruby on Rails, Javascript, Hotwire, Turbo, Stimulus.js, PostgreSQL, MySQL, Ubuntu, and more.

    Twitter GitHub

    Solutions

    Support

    Company

    Legal

    © 2023 GoRails, LLC. All rights reserved.