From 6263cdb5c4cd26f864e8dd55124ed49ade2c8ca8 Mon Sep 17 00:00:00 2001 From: Joel Coutinho Date: Mon, 1 Jul 2024 17:54:23 +0530 Subject: [PATCH 1/2] updates passwordless blogs --- .../frontend-flow.png | Bin 0 -> 16976 bytes .../index.md | 132 +++++++++++------- 2 files changed, 85 insertions(+), 47 deletions(-) create mode 100644 content/passwordless-for-product-managers/frontend-flow.png 
diff --git a/content/passwordless-for-product-managers/frontend-flow.png b/content/passwordless-for-product-managers/frontend-flow.png new file mode 100644 index 0000000000000000000000000000000000000000..671605da391a7adfe3a8f874545d006132cdb349 GIT binary patch literal 16976
diff --git a/content/passwordless-for-product-managers/index.md b/content/passwordless-for-product-managers/index.md index 7615bbe9..9a31680d 100644 --- a/content/passwordless-for-product-managers/index.md +++ b/content/passwordless-for-product-managers/index.md 
@@ -1,78 +1,116 @@ --- title: "Passwordless for Product Managers" description: "A quick overview of different types of passwordless authentication methods to improve user retention" -date: "2022-07-26" +date: "2024-05-07" cover: "password_less_blog.png" category: "featured" -author: "Advait Ruia" +author: "Nemi Shah" --- -Passwordless Authentication is an authentication method that allows a user to log in to an app without using a password. -## Disadvantages of Using Passwords -- **Passwords can be stolen:** Shoulder surfing is the most common way to steal someone’s password. An example of that is looking over someone’s shoulder when they’re entering their password. -- **Passwords can be guessed:** While passwords are at a risk from brute force attacks and social engineering, simply guessing can work too — no wonder “123456” was the [most popular password of 2020!](https://nordpass.com/most-common-passwords-list/) 🤯 -- **Passwords are hard to remember:** Ideally, you should have different and unique passwords for each account. But this quickly becomes a problem when you have multiple accounts and too many combinations to remember. -- **Passwords are re-used:** A lot of people end up using the same passwords across various apps and website. So if one password is exposed, it’ll be fairly easy for a hacker to access multiple accounts of the user. +## Introduction -![Go Passwordless](./Go_Passwordless.gif) +Passwordless authentication works the way it sounds; it lets users log into your app/website without having to configure and remember a password. Typically this involves a One Time Password (OTP) or a Magic Link being sent to the user which they can use to log in, the code/link can be sent to the user’s email or phone. -## Different Types of Passwordless Authentication Methods -### 1. Magic links -When using passwordless authentication via magic links, the user is prompted to enter their email address to which an email will be sent instantly. 
This email contains a link they can click on to be instantly logged in to the system. Unlike passwords, the magic link is different for every time the user wants to login. +Traditional login methods involve using an email/username and a password, while this system works it results in poor user experience because user’s need to remember different passwords or end up using the same passwords everywhere which is a security risk. Because Passwordless login does not require the user to generate or remember passwords, your system is generally more secure because you are not exposed to common attacks such as passwords being leaked or data breaches resulting in passwords being stolen. Also building your system becomes easier and involves less steps because you can skip flows such as the forgot password flow or the reset password flow. -One of the downsides to using magic links for authentication is that the email may land up in the user’s spam folder. Also, this feature requires that the user has access to their email. But what happens if the user cannot access their email for some reason? This problem can be solved with the next method that we are going to discuss. +## Methods of Passwordless Authentication -![Magic link authentication](./Magic_link.gif) +### Magic Links -### 2. One-time passwords / codes (OTP / OTC) -In this method, the user receives a password / code via email or SMS that they can use to log in to the website or mobile application. Unlike magic links, an OTP is easier to view on one device and type on the other device quickly. It solves the problem magic links have where the user needs to login to the email ID on the device where they want to authenticate. Which is why it is highly recommended to use OTP alongwith magic links. It improves the user experience and allows you to create a more secure system. -> **Note:** The longer (in character length) the OTP, the higher the security of the system. 
Similarly, it is advisable to use diverse characters in the OTP (e.g. alphanumerics versus just numerics - X4A3Xi98B) to increase system security. +Magic links are unique URLs sent to the user that expire after some time. Typically magic links are sent to the user’s email. The user can simply click on the link to log into your app. +This is a great way to authenticate your users, sending URLs over email is typically a very cheap option and users do not need to enter any code typically associated with OTP based logins. -![Login with SMS / OTP](./OTP_SMS_login.gif) +### One Time Passwords (OTP) -### 3. Biometrics -Instead of a password, biometric authentication uses unique physical traits to verify a user’s identity (like retina scanning). Biometric authentication is more secure than a password because no two people have the exact same fingerprints (even if you are an identical twin) or the exact faces (the chances of two faces being similar enough to bypass facial recognition is [extremely unlikely](https://www.sciencedirect.com/science/article/abs/pii/S0379073815003758), even in the case of identical twins). +This involves sending a code, typically numbers, to the user’s email or phone number. This method is even more convenient for users on modern smartphones that allow autocompletion of OTPs without the user having to switch between apps. -One of the downsides of using biometric authentication is that the user requires specialised hardware to be able to scan their face / fingerprint. If you are building a consumer facing app or website, you can’t expect all of your potential users to be able to use this login method. +### Biometric Authentication -### 4. Social login -Using this method, users can choose to sign up or sign in via their social media accounts. It’s quick, super easy and is heavily used by developers — especially when building the MVP or version 1 of their mobile / web app. 
+Biometric authentication usually involves a physical trait of the user which is used to identify them. Common examples of this are fingerprints, facial recognition, voice recognition etc. Biometric authentication can be a great way to ensure high security in your apps because they are hard to duplicate or steal. -One of the downsides to using social login is that social media companies (like Facebook, Instagram) can track users across sites that they login to, and therefore some users may not prefer this method. -> **Note:** Social login is mostly referred to as third-party login although it is a form of passwordless login. Most users today stay logged in to their social media accounts and therefore they hardly ever need to enter a password when using this type of login method. +Typical passwordless mechanisms such as OTP or magic links come with a degree of unreliability. Emails can bounce or end up being flagged as spam, SMS based OTPs may get delayed or not get delivered at all and are subject to the network conditions of the user etc. Biometric login does not have these problems, and because the user needs to typically be present to authenticate themselves it is very secure. -### 5. Push notifications -Push Notification Authentication enables user authentication by sending a notification directly to a secure application on the user’s device, alerting them that an authentication attempt is taking place. Users can view authentication details and approve or deny access, typically via a simple press of a button. Like SMS, push notification also shares an OTP with the user and is a more secure authentication method (since attacks like SIM swapping are not possible). It is often deployed as part of a multi-factor authentication (MFA) solution. +## Passwordless Authentication vs. 
2FA & MFA -The downside to using push notifications is that users sometimes opt-out of notifications for various apps and therefore wouldn’t realise that they’ve been sent the code / OTP via a push notification. There is also a high chance that push notifications get hidden or lost within the cluster of notifications received by users. +When talking about authentication methods it is important to distinguish between Passwordless authentication and Two-Factor/Multi-Factor authentication. Passwordless authentication involves logging the user in without a password and Multi-Factor authentication involves verifying the user with multiple steps of authentication. Passwordless authentication is a very common step in Multi-Factor authentication but is not always involved in the process. -### 6. Physical tokens -Physical tokens are peripheral devices used to gain access to an electronically restricted device. The token is used in addition to or in place of a password. Examples include a wireless keycard opening a locked door, or in the case of a customer trying to access their bank account online, the use of a bank-provided token (like an encrypted USB) that authenticates the user’s identity. +While it is common to have multi-step authentication, passwordless authentication can be a good alternative. For example using SMS based OTPs you can log the user in and still get the security benefits of multiple factors. Passwordless authentication with either email or phone has the built-in implication of the user’s contact information being verified. That being said, multi-factor can be very beneficial because it allows users to have a way to recover their accounts if they lose access to their primary login methods. -The downsides to using physical tokens is that they can be stolen or the user could lose them. Another downside is the additional costs associated with them and the fact that they may require some form of user training. 
+## How to implement Passwordless authentication -## Different Ways to Build Passwordless Authentication -Here’s how you could approach implementing passwordless authentication: -1. **Pick your mode:** This is the first step in choosing your preferred authentication factor. You can refer to the list above and choose the type of authentication method that is right for your use case. -2. **Number of factors:** It’s recommended to use multiple authentication factors with or without passwordless. Reliance on one single factor, regardless of how safe it may seem, is not recommended. -3. **Buy required hardware / software:** The user or the organisation may have to buy equipment to implement biometric-based passwordless authentication (like a fingerprint or retina scanner). For other modes, like magic links or mobile OTPs, one may have to use an email / sms sending service such as Twilio or MailChimp. -4. **Provision users:** Start registering people on your authentication system. E.g., For a fingerprint scanning system, you will need to scan the fingers of all your users / employees. -> **Note:** Combining Passwordless Authentication with Adaptive (Behavioural) Authentication can bring the optimum balance between user experience vs security. For example, suppose a user logs in to the system, via their laptop, early in the morning, every weekday. Over time, the system learns that this is their typical login behaviour. Then one day, all of a sudden, the user logs in to the system on a Saturday. They used the same laptop to login and it was still early in the morning, and their geographical location was also the same. The system calculates a relatively higher risk score for this behaviour, which warrants the use of a secondary authentication factor, like an SMS OTP. 
+Building passwordless authentication involves the following steps: -![Combining Passwordless Authentication with Adaptive (Behavioural) Authentication](./adaptive_auth.png) +### Deciding what login method to use -## Is the Future Passwordless? -Even though passwords are far less prevalent than ever before, they are still being used all around the world. However, we at SuperTokens expect passwordless authentication to get more and more popular, especially as a second factor of authentication. +Depending on your use case you need to choose what method should be used for passwordless login. Typically you need to choose between OTP or magic link based login. -Records already indicate that passwordless authentication helps in solving [CX pain points](https://www.the-future-of-commerce.com/2022/05/10/passwordless-authentication-solve-cx-pain-points-boost-revenue/) and leads to a boost in revenue. Plus, keep in mind that the average person has to keep track of [about 100+ passwords](https://tech.co/password-managers/how-many-passwords-average-person#:~:text=According%20to%20new%20research%20from,has%20100%20passwords%20to%20remember!) and spends almost [12 minutes](https://resources.yubico.com/53ZDUYE6/at/q3tmql-974v8g-73e8p5/YubicoPonemon_2019_State_of_Password_and_Authentication_Security_Behaviors_Report.pdf?format=pdf) every week resetting those passwords. +OTP login is one of the more common methods used in apps today. One of the main advantages is convenience to the user, however using SMS based OTPs may result in additional costs. -Also, a frictionless UX can be a powerful competitive advantage for businesses at every level. Often, B2C companies are particularly concerned about the negative impact of login friction on conversion / retention rates and revenue. 
By enabling a frictionless customer experience, investment in passwordless supports **customer retention** and **revenue growth.** +Magic Links are also a convenient way to implement passwordless login, but the main disadvantage here is that if the user begins the login process on their computer and then consumes the magic link from their phone (via email for example) they would not be logged into their account on the computer and would have to restart the flow again. OTPs on the other hand simply need to be entered on whatever device the user is already using. Similar to SMS based OTPs, using SMS based magic links usually involve additional costs. -Plus, Apple, Google and Microsoft [have already committed](https://www.apple.com/in/newsroom/2022/05/apple-google-and-microsoft-commit-to-expanded-support-for-fido-standard/) to expand support for the FIDO standard to accelerate availability of passwordless sign-ins. This will definitely help boost adoption of passwordless login methods. +### Building the login flow -But how soon could we see this shift happening? Not very soon. A number of users make use of password managers to manage and store their passwords. There are password managers out there that’ll generate strong 12 letter passwords for the user and automatically fill them on the appropriate websites whenever you visit them. It’s important to recognise here that password managers also provide a great UX. +#### Sending the user a Link/OTP -So, to conclude, the idea of eliminating our reliance on centrally managed passwords definitely has multiple benefits. However, there is no single passwordless solution that would fit most businesses or use cases. 
Nevertheless, we’re witnessing an increase in [adoption of passwordless authentication methods](https://www.globenewswire.com/news-release/2022/06/09/2459721/0/en/The-Global-Passwordless-Authentication-Market-size-is-estimated-to-be-USD-12-79-billion-in-2021-and-is-predicted-to-reach-USD-53-64-billion-by-2030-with-a-CAGR-of-16-7-from-2022-20.html) because of the range of business benefits it offers, including an enhanced UX, fewer data breaches, lower support and development costs, and overall better product security. +Prompt the user to enter their email/phone number. You can also opt in to allowing both email and phone numbers depending on whether you support both methods. Once the user submits their information you need to send them the code/link. For OTP flows you need to prompt the user to enter the information, for Magic Links you can explain to the user that they need to check their email/phone. +Because Email and SMS based messaging is not 100% reliable and delivery may fail you also need to allow the user to be able to re-trigger the email/SMS. When implementing such a flow you should consider adding some minimum time between resend attempts to avoid excessive calls, this is especially useful when using SMS based delivery to avoid high costs. -[Demo](https://passwordless.demo.supertokens.com/) | [Source Code on GitHub](https://github.com/supertokens/supertokens-core) | Please leave a ⭐️ if you think we deserve it. \ No newline at end of file +#### Consuming the Link/Code + +For OTP based login the flow is rather simple, you check if the code entered by the user is valid and log them in if it is. For invalid codes you can display some error to the user, you should also consider adding a lifetime for a generated OTP and display an appropriate message if the user tries to use an old OTP. 
As a security measure you can block login attempts for some duration if the user has entered an incorrect OTP too many times, in this case it is good practice to notify the user by email/SMS about this. + +When using Magic Links, the link sent to the user typically contains a unique identifier which can be used to validate if the Magic Link used by the user is valid. Similar to OTPs you should implement a timeout after which the Magic Link should be considered invalid. + + +#### Logging users into the application + +Once you have verified that the OTP/Link used by the user is valid, you should use your normal session management flow to log the user in. +![frontend flow](./frontend-flow.png) + +### Using Passwordless authentication with SuperTokens + +While you can build your own login system with passwordless, it is easier to use a third party solution. For example with SuperTokens your entire process gets simplified to the following steps: + +- **Installation**: Install the SuperTokens SDKs on the frontend and backend +- **Follow the quick setup guide**: The quick setup for Passwordless authentication involves copy pasting some basic code on the frontend and backend to quickly get setup. +- **Get Started**: That’s it! You can now stop thinking about your login flow and focus on building your app. + +To learn more about using Passwordless authentication with SuperTokens refer to the [official documentation](https://supertokens.com/docs/passwordless/introduction). + +## Is Passwordless Authentication Secure? + +### Benefits of using Passwordless +- **Improved Security**: Because the code/link is directly sent to the user, risks involved with traditional attacks such as phishing, brute force etc are reduced. +- **Improved UX**: Users do not need to remember passwords or regularly reset them, and with SMS based OTP the process of logging in becomes much more convenient for users. 
+- **Compliance**: Removing the need to manage passwords in a secure way can make meeting requirements for compliance easier. +- **Email/phone verification**: Because the OTP/Link is sent to the user’s email or phone, when the user signs up you know that their contact information is authentic. +- **Scalability**: Passwordless solutions are generally easy to scale across an organisation. +- **Decreased Risk of Credential Reuse**: Passwordless systems prevent the common security issue of credential reuse across multiple platforms, which is a prevalent cause of data breaches. + +## Disadvantages of Passwordless authentication +- **Dependence on the email or phone**: If the user loses access to their phone or email they lose access to the account. Stolen email or phone can also put the user’s information at risk. +- **Biometric Data Concerns**: Biometric authentication systems raise privacy and security concerns because once biometric data is compromised, it cannot be changed like a password. +- **Technology and Infrastructure Costs**: Implementing advanced passwordless systems like biometric scanners or sophisticated token-based hardware can involve significant initial costs + +Passwordless authentication is a great way to log your users in, and it is more secure than traditional login methods but it is important to remember that no system is ever full proof and adding additional security mechanisms such as MFA is recommended. + +## Using a Third Party vs Building it yourself + +Building passwordless authentication yourself can be quite a task involving a lot of work and may require hiring multiple developers. We have a full blog dedicated to explaining how you can build Passwordless authentication yourself, you can read it here. 
+ +Apart from the work required to building the system you also have to: +- Maintaining the systems +- Staying up to date with latest security risks and concerns +- Adapting to new security threats, updating with latest technologies and practices + +All of this can be a significant overhead to your regular development. On the other hand using a third party helps in the following ways: +- Quick to get setup +- You can focus on developing flows specific to your app +- Third party solutions used by multiple companies has been battle tested +- The responsibility of keeping up to date and responding to new threats is with the third party +- The third party will have a specialised skill set resulting in better quality of the login system. And because their focus is on the login system, responding to new threats will be faster. + +## Conclusion + +Passwordless authentication is a great way to log your users into your app/website. It helps keep your system secure while adding to the end user experience. From 671d87fdb2cffe9b6c281144ac7d031dfd6e9095 Mon Sep 17 00:00:00 2001 From: Joel Coutinho Date: Mon, 1 Jul 2024 18:15:49 +0530 Subject: [PATCH 2/2] updates title --- content/passwordless-for-product-managers/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/passwordless-for-product-managers/index.md b/content/passwordless-for-product-managers/index.md index 9a31680d..87f7cca9 100644 --- a/content/passwordless-for-product-managers/index.md +++ b/content/passwordless-for-product-managers/index.md 
@@ -1,6 +1,6 @@ --- -title: "Passwordless for Product Managers" -description: "A quick overview of different types of passwordless authentication methods to improve user retention" +title: "How To Streamline Access With Passwordless Authentication" +description: "A quick overview on how passwordless authentication can help streamline the login experience and increase user conversions" date: "2024-05-07" cover: "password_less_blog.png" category: "featured"
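Review bot: In PATCH 1/2, the rewritten index.md overstates what a single emailed or texted code provides, in two places: the "Passwordless Authentication vs. 2FA & MFA" paragraph says "using SMS based OTPs you can log the user in and still get the security benefits of multiple factors", and the "Improved Security" bullet says phishing and brute-force risks "are reduced" without qualification. An SMS OTP used on its own is one factor (possession of the phone number), and a code the user types in can be relayed through a phishing page just as a password can; the hunk's own advice to block logins after too many incorrect OTPs exists because short numeric codes are guessable. Suggest rewording both passages so the stated benefit is the removal of stored and reused passwords, and restoring the two points this hunk deletes: that SMS delivery is exposed to SIM swapping, and that longer, more varied codes are harder to guess. The "Consuming the Link/Code" section should also say that a code or link is invalidated after its first successful use, not only after a timeout. Smaller items in the same hunk: "you can read it here" has no link target, "full proof" should be "foolproof", "user's need" should be "users need", and "## Disadvantages of Passwordless authentication" sits one heading level above its sibling "### Benefits of using Passwordless".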
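Review bot: In PATCH 2/2, the new title "How To Streamline Access With Passwordless Authentication" no longer matches the path content/passwordless-for-product-managers/index.md, which this patch leaves in place. If the directory name is what produces the post's URL, note in the commit message that keeping it is deliberate; otherwise rename the directory and add a redirect. The new description also promises to "increase user conversions", but PATCH 1/2 removed the paragraphs on conversion and retention, so either drop that phrase or add a sentence to the body that supports it. The subject line "updates title" should mention that the description changes as well.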