Plugins DatabasePlugins Database logo
Back to plugins
Homepage WordPress

Actions

DownloadAuthor pageSee on WordPress

Plugin info

Total downloads: 85
Active installs: 0
Total reviews: 0
Average rating: 0
Support threads opened: 0
Support threads resolved: 0 (0%)
Available in: 1 language(s)
Contributors: 1
Last updated: 11/16/2025 (45 days ago)
Added to WordPress: 11/16/2025 (0 years old)
Minimum WordPress version: 5.9
Tested up to WordPress version: 6.8.3
Minimum PHP version: 7.4

Maintenance & Compatibility

Maintenance score

Actively maintained • Last updated 45 days ago

59/100

Is Password Less Login abandoned?

Likely maintained (last update 45 days ago).

Compatibility

Requires WordPress: 5.9
Tested up to: 6.8.3
Requires PHP: 7.4

Ratings

0
0
0
0
0See all reviews

Developers

Sadekur Rahman (Owner)1

Languages

Similar & Alternatives

Explore plugins with similar tags, and compare key metrics like downloads, ratings, updates, support, and WP/PHP compatibility.

Mailsure
Rating 5.0/5 (1 reviews)Active installs 50
Compare
RFS Email Verification for Gravity Forms
Rating 1.0/5 (1 reviews)Active installs 30
Compare
OLS 2FA
Rating 0.0/5 (0 reviews)Active installs 0
Compare
See more alternatives to Password Less Login

Description

Password Less Login is a passwordless and OTP-based login system for WordPress.
Every user — both existing and new — must verify their identity using a One-Time Password (OTP) sent to their email before being logged in.

This ensures that no one can access an account without confirming ownership of the email address, providing a secure, passwordless authentication process.

How It Works

  1. The user enters their email address.
  2. The plugin sends a 6-digit OTP to that email.
  3. The user enters the OTP:
    • If the email exists the user is securely logged in.
    • If the email is new the user provides a username, verifies the OTP, and a new account is created automatically.
  4. The OTP is valid for 10 minutes and expires after use.

Note: The plugin never logs in users without OTP verification.

Key Features

  • OTP-Based Authentication for All Users – Both existing and new users must verify the OTP before login.
  • Passwordless Login – Securely log in using only your email and OTP.
  • Auto User Registration – New users can register instantly after OTP verification.
  • Temporary OTP (10 Minutes) – Each OTP expires after 10 minutes and can only be used once.
  • Rate Limiting – Prevents brute-force or spam OTP requests (maximum 5 per 15 minutes per email).
  • Nonce Verification – Protects REST API endpoints from unauthorized access.
  • Secure Email Handling – Emails are hashed when stored in transients to protect user data.
  • Streamlined User Experience – Clean, minimal login flow with conditional fields for existing vs. new users.

Why Choose Password Less Login?

  • No passwords to remember or reset.
  • OTP verification ensures true ownership of email.
  • Protects against brute-force attacks.
  • Simple setup – works with the native WordPress login page.
  • Modern and user-friendly design.
  • Reduces “Forgot Password” support requests.

Usage

  1. Go to your WordPress login page.
  2. Enter your email address and click “Send OTP”.
  3. Check your email for the OTP.
  4. Enter the OTP in the login form:
    • If your account exists, you’ll be logged in.
    • If not, you’ll be prompted to provide a username before registration and login.
  5. You’ll be redirected to your dashboard after successful verification.

License

This plugin is released under the GPL license. You are free to use and modify it.

For support, contact: [email protected]

Installation

Automatic Installation

  1. Go to your WordPress dashboard Plugins Add New.
  2. Search for Password Less Login.
  3. Click Install Now and then Activate.

Manual Installation

  1. Download the plugin from WordPress.org.
  2. Upload the password-less-login folder to /wp-content/plugins/.
  3. Activate the plugin through the Plugins menu.

Frequently Asked Questions

Q: Does this plugin log in users automatically when they submit their email?

A: No. Users are only logged in after successful OTP verification. Email submission only sends the OTP.

Q: What is OTP?

A: OTP (One-Time Password) is a 6-digit temporary code valid for 10 minutes.

Q: How many times can a user request OTP?

A: Users can request up to 5 OTPs every 15 minutes per email to prevent abuse.

Q: Is the OTP stored securely?

A: Yes. OTPs are stored temporarily and securely using hashed transient keys.

Q: Can I customize the OTP email message?

A: Yes, you can modify the email template in the plugin settings page.

Review feed

No reviews available

Screenshots

  1. Login screen with email input.

    Login screen with email input.

  2. OTP verification form for existing users.

    OTP verification form for existing users.

Changelog

1.0.1

  • Added OTP verification for both existing and new users.
  • Added nonce verification for REST API requests.
  • Added rate limiting (5 OTP requests per 15 minutes).
  • Enhanced email and OTP sanitization.
  • Improved overall security and error handling.

1.0.0

  • Initial release with passwordless email login, OTP verification, and auto-registration.
Back to plugins