Password-less login
In an effort to create a more secure environment and user friendly site we are introducing Password-less login.
At it base, ShareTimetable.com is not a secure site, the information in our site is not personal and the site is not protected by SSL encryption. This does introduce one risk: if user is using his commonly-use email and password pair. If the same pair is used in other personal sites, a ‘listener” can get the pair simply by listening to the user internet communication.
To avoid this risk a password-less login was developed. This is a simple two stage authentication:
- (1) User will post his Username.
- Site will response with a login code: 6 digit number.
- (2) User will enter the number and login.
To avoid repeating the login with the same code or trying multiple codes there are some limitations:
- Code has time limit of 30 minutes.
- Only one code per user can exist at one time, if user ask for code twice, only the last is valid.
- Other limitation that design to prevent unwanted logins.