QR code based authentication

It’s a major PITA to enter long e-mail addresses and passwords with special characters on the QC. On top of that, sessions seem to expire frequently, which is a major annoyance.
Since we have to use a smart phone app anyway: provide an authentication flow based on a QR code that we can scan in the app to connect our QC.

or just a simple Pin code like a phone…added this request recently

Then I’d still have to type the username/mail. In some cases, this can be already annoying enough. Why would you go the more complicated route of entering the e-mail, waiting for the pin, entering the pin if you could simply open the app and scan the QR code? Less manual entry, less steps required. The simpler solution is always a better one.

because a pin would be easier. enter your email and password once ever…set a pin code, then only ever enter just the pin after that. again, just like a phone or windows…

1 Like

I fail to see how entering an email and password once would be easier than scanning a code once. So the first login would still be much more cumbersome with your method.

What happens after that is another deal. Passwords/authentication shouldn’t expire (unless credentials are changed and such) in first place. A pin might be fine as a fallback, but since you need to use your phone for that anyway, why not show a push notification or link to approve the login instead? Once again - no manual entry whatsoever is always better than any form of manual entry.

Most authentication flows designed for cloud applications these days - if we design a new one - work this way. There’s literally no advantage whatsoever to introduce complexity unless you need to offer alternatives for people without a smartphone or internet connection. In this case, text messages or automated call systems are usually used as a fall back. But I don’t see it being relevant in our case because if you need to log into the cloud on your QC, you also need to use the QC app on your mobile phone. If you have the app, you can use it for things like authentication flows with QC/push notifications.

agree to disagree that using my phone is easier than entering a pin. Fine with using a QR for initial log-in. But this is not holding my bank information… a simple pin is easy to remember and more than enough security. Adding the need to have my phone handy everytime I want to sync the QC is more difficult than a pin. So we’ll agree to disagree.

Oh. You mean using a pin (instead of password) in general, not as in - getting a one time pin for logging in? Yeah, no. While I certainly think it’ll be easier than entering a password, you shouldn’t have to log in more than once on your QC in first place :slight_smile: