In the past, EventMobi event apps could be enabled to allow app users to login with just an email address (one-step login)—meaning they didn’t need to create a password to access event app content or the Attendee Dashboard.
However, after a careful a review leading up to the release of GDPR in May 2018, we have phased out this functionality fully as of June 11th, 2018. This change will contribute to ensure that event attendee data across the EventMobi platform is better protected.
Passwordless login makes it less difficult for an unauthorized user to log into an app and access user data. For example, they could more easily use the email address of an individual using a one-step login app to access information that person had posted to the app—without having to get around a password.
We have no evidence that these features have ever been used for unauthorized access to any participants’ data. However, we believe that the risk posed by login without password is not an acceptable one.
So, in order to uphold our (and our customer’s) obligation to protect participant event data, we have discontinued this form of login across the EventMobi platform.
If an app user had been using one-step login to access an event app before June 11th, they will be prompted to create one after June 11th when they next login. All of their same information will still be available, and this will not cause any errors with their attempts to log back into the app.
For more best practices around app access and security, read How Can I Restrict Access To My App?