Good evening, everyone.
My question is about the sign-in PIN.
When new app users sign into an app the first time, they enter their email address and then receive a PIN to that email that must be entered.
But if registered users sign out, why why why must they get another PIN when signing back in? Why can’t they just enter their email address and go straight into the app as a recognized user?
Is there a way to turn off the PIN requirement?
Thanks!
Why are your users signing out?
If they just close the app and then open it again, then there should be no need to sign in again - as long as the authentication cookie is enabled and set (see below)
If a user signs out, then the next time they open the app it will be treated like a new login. So they will always need to re-authenticate.
I’m just thinking ahead and assuming that some will sign out for whatever reason. I know that I use a few apps/services that for various reasons, I don’t want to stay signed in all the time.
If a pin wasn’t required for registered users the next time a person signs in, then what prevents anybody in the world from just signing in using any registered user’s email address? The pin is for security so only the owner of that email address can sign in and access their own account.
On the same note, if a user signed out for security reasons on their own device, then wouldn’t you want some kind of security to get back into the app instead of any random person picking up their device, entering the owners email, and gaining access to the app?
If users are signing out, it’s for security reasons, so regaining access to the app should also follow secure authentication.
I have switched most of my online accounts on various websites to require not only a username and password, but also two factor authentication, so in some cases I get a one time use code either by email, by text, or from a third party authentication app that gives me disposable codes. I do this to ensure security of my data. I feel the pin in glide is like two factor authentication minus the need for a password.
Like @Darren_Murphy mentioned, if a user doesn’t want to re-authenticate every time they use the app, then authentication cookies should be enabled and they shouldn’t sign out.
Thanks for the reply @Jeff_Hager.
