Description

Easy, secure, and passwordless authentication for WordPress.

Streamline the login process by sending links to your users. No more passwords to remember, no more password resets, and no more password strength requirements.

Learn more about Magic Login

How does it work? 🪄

Magic login uses a technique called “magic links”. The magic link is a unique link sent directly to your email inbox which allows you to authenticate.

Auto Login: Magic Login also supports auto-login links for outgoing emails. It’s useful when pending action from a user, such as reply a comment, complete the checkout, etc..

PRO Features 🎩

Here are the premium features that come with Magic Login Pro:

CLI Command: Use WP-CLI to create login links.
Brute Force Protection: Limit rate of login attempts and block IP temporarily.
Login request throttling: Limit login link generation for a certain period.
IP Check: Enhance the security by restricting users to log in from the same IP address that requested the link.
Domain Restriction: Allow only certain domains to use the magic link.
Login Email Customization: Customize login message by using email placeholders.
Login Redirect: Redirect users to a specific page right after login. You can also redirect different pages based on the user role.

By upgrading to Magic Login Pro you also get access to one-on-one help from our knowledgeable support team and our extensive documentation site.

Learn more about Magic Login Pro

Documentation

Our documentation can be found on https://handyplugins.co/magic-login-pro/docs/

Contributing & Bug Report

Bug reports and pull requests are welcome on Github. Some of our features are pro only, please consider before sending PR.

If you like Magic Login, then consider checking out our other projects:

Magic Login Pro – Easy, secure, and passwordless authentication for WordPress.
Easy Text-to-Speech for WordPress – Transform your textual content into high-quality synthesized speech with Amazon Polly.
Handywriter – AI-powered writing assistant that can help you create content for your WordPress.
PaddlePress PRO – Paddle Plugin for WordPress
Powered Cache – Caching and Optimization for WordPress – Easily Improve PageSpeed & Web Vitals Score

Screenshots

Login Page
Settings Page
Login Email
Login Block

Blocks

This plugin provides 1 block.

Magic Login

Installation

Manual Installation

Upload the entire /magic-login directory to the /wp-content/plugins/ directory.
Activate Magic Login through the ‘Plugins’ menu in WordPress.

FAQ

What is passwordless authentication?: Passwordless authentication is an authentication method in which a user can log in to a computer system without entering (and remembering) a password.
Are the magic links secure?: Yes! In fact, we thought this is more secure than the regular login due to most of the users are using weak passwords. Since magic login generates a random token for a limited time frame it makes the links quite strong and secure.
When do login links expire?: It expires in 5 minutes by default. You can change TTL under the “Token Lifespan” on the settings page. Enter “0” to disable automatic expiration.
Why am I not getting login links?: Magic Login uses WordPress built-in mail functions. So, it depends on your configuration. We highly recommend to use an SMTP service for better email delivery.
How can I use a passwordless login form on any page?: You can use [magic_login_form] shortcode or block. Learn More.
Why are users redirected back to the page where they added the magic login form via shortcode?: This behavior occurs because the magic login form is designed to use the current page as the target redirection URL by default. It’s a way to ensure a smooth user experience by bringing users back to the page they started from.
However, if you wish to alter this behavior, you can easily do so by passing an empty redirect_to=”” parameter within the shortcode. Learn More.

Reviews

juxhin20 November 22, 2023

5 Starts for this amazing plugin and 10 stars for the support guy 😀

minickel November 7, 2023 2 replies

Principally I really like the idea of passwordless login. In the free version however, the html link in the email on the "Login" word does not work. This adds so much confusion to more inexperienced users that it is totally useless and unacceptable. We cannot expect that all users are ready to cut and paste a long clear text URL from their email to the browser. Especially older users really got confused. To me it was disappointing. I would have eventually be ready to go for the Pro version, if the tests with the free version would have been more positive. Thus, the plugin had to go.

Wnd November 6, 2023 1 reply

By far the best Passwordless Plugin on the market. Easy to use and works perfectly. I tested almost all of them but this one fits all. The free version offers you everything you need and the PRO version offers a bit more protection and customization. Just how it should be. It's not only more user friendly, it also prevents users from sharing accounts because it's less likely they will share their mailaddress. The support is also great btw. Just had two small suggestions and they reply very fast (by then I didn't had the PRO premium support yet).

ifwarewp November 3, 2023

No hassles login for our customers, when we redirect them to WP site login page from our other corporate sites. Very useful plugin, with excellent support by the Developer. Responses are immediate and to the point.

physkx July 17, 2023 1 reply

This is the best passwordless login plugin for wordpress I have used. I had a small tweak I wanted to make to the plugin functionality so I emailed the developer asking if the change I wanted to make was possible, he replied very fast with a snippet to add the functionality I was after.

flptms April 18, 2023

Mission accomplished. Plus, I needed some customization and support was quick and objective, solved it!

Contributors & Developers

“Magic Login – Passwordless Authentication for WordPress” is open source software. The following people have contributed to this plugin.

“Magic Login – Passwordless Authentication for WordPress” has been translated into 2 locales. Thank you to the translators for their contributions.

Translate “Magic Login – Passwordless Authentication for WordPress” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Change log

2.0 (November 07, 2023)

Add {{MAGIC_LINK}} support to all outgoing emails that received by a single user.
Add new placeholder supports: {{FIRST_NAME}}, {{LAST_NAME}}, {{FULL_NAME}}, {{DISPLAY_NAME}}, {{USER_EMAIL}}
Add ajax spinner to the login form.
Dependency updates.
Minor tweaks on settings form.

1.9.1 (October 26, 2023)

Added French translation.
Dependency updates.
Fix deprecated variable format.
Tested with WP 6.4

1.9 (July 25, 2023)

Added: AJAX support for login requests.
Bumped PHP requirement to 7.2+
Small tweaks and improvements.
Tested with WP 6.3

1.8.1 (May 15, 2023)

Added: Styling for two-factor plugin.
Minor UI changes.
Small tweaks and improvements.
Tested with WP 6.2

1.8 (February 18, 2023)

New feature: Token Validity – allows to specify how many times a token can be used.
Improvements on the default login screen
i18n improvements
Added: German translation.
Added: Autocomplete support.
Added: New token {{TOKEN_VALIDITY_COUNT}} to customize email content.

1.7 (January 21, 2023)

PHP 8.1: fix deprecated ‘FILTER_SANITIZE_STRING’
UI/UX improvements on default login screen
i18n improvements. Props @emreerkan
Fix: standard wordpress redirect functionality. Props @maartenhunink
Fix: Skip the auto-login link for the magic login itself.
Fix: Send email only once.

1.6 (October 26, 2022)

New feature: Auto Login Links

1.5.2 (September 27, 2022)

Bug fix: token validation

1.5.1 (September 26, 2022)

Fixed: redirection issue.
Minor UI updates.
Small tweaks and improvements.
Tested with WP 6.1

1.5 (September 12, 2022)

Fixed: save tokens hashed in DB. Props @snicco
Added: username-only mode. define MAGIC_LOGIN_USERNAME_ONLY in the config file to use it.
Email improvements: Check email contents before converting line breaks to <br/> tags.
Small tweaks and improvements.

1.3 (April 19, 2022)

Tested with WP 6.0
UI updates.
Fire wp_login hook as WP Core does on successful login.
Add new filter: magic_login_email_headers.
Fix email title html escaping.
Small tweaks and improvements.

1.2.2

Tested with WP 5.9
Update Shared UI
Fix compatibility issue with TML plugin
Add redirection cancellation option to the login block.
Check logged-in while saving the settings
Small tweaks and improvements.

1.2.1

New: Integrate with the standard login form.
Fix: Enqueue admin assets on the settings page only.
Allow login block only once for a post.
Small tweaks and improvements.

1.2

New: Magic Login Block – It’s much easier to add and customize the login form in the block editor.
Customizable token intervals added. (removed 1-60 minutes restriction)
New placeholder added: {{EXPIRES_WITH_INTERVAL}} to display TTL with the interval.
Updated Shared UI
Improved documentation on settings page.
New: Show an error message when the user doesn’t exist.
New filter: Added magic_login_invalid_token_error_message to customize error message.

1.1.3

Fix: Scheduled expired token cleanup

1.1.2

Update Shared UI
Shortcode magic_login_form now supports redirect_to attribute
fix: don’t display login form if the user already logged-in

1.1.1

Hotfix: return shortcode output instead of printing

1.1

Tested with WP 5.8
Shortcode magic_login_form support added!
fix: make sure deactivate_plugins exists when manually switching versions

1.0.3

Update Shared UI
fix: add text-domain for missing strings

1.0.2

Update Shared UI
Tested with WP 5.7

1.0.1

Update Shared UI

1.0

First release

Suepr plugin mega super support

“Login” Link does not work – adds more confusion to users

Everything you would expect from a Passwordless Login plugin.

Practical and well supported plugin

Awesome plugin with great support

Simple and useful