Client Portal – Temporary Magic Links

———————————————————–

Temporary Magic Links

———————————————————–

Enhance security by reducing the risks of unauthorised access and link misuse, mitigating potential vulnerabilities associated with permanent magic links.

• 15 min time limit for magic link expiration
• 90 days limit for database deletion
• Rate limit for user generated magic link is 5-6
• User can request magic link for themselves until 90 days since they last logged in
• Secret token is encrypted so login information is secured
• It is backward compatible so old magic link will work as it is until user request new ones

• Reduction in security incidents related to the misuse of permanent magic links.
• Improves platform security by minimising the window of time an unauthorised user can use a link to gain access.
• Reduces the likelihood of link theft and replay attacks.
• Increases user trust by demonstrating a commitment to protecting their data.
• Enhances compliance with modern security standards and best practices.