Skip to main content
Swifty
Back to Blog
authentication security login users

Password Login and Email Verification

Swifty Team Mar 7, 2026 3 min read

Social login — signing in with a Google or similar account — is convenient for many teams. But not every organization operates that way. Some teams have members without corporate social accounts. Some workspaces have strict security policies that require password-based authentication. Some organizations simply prefer familiar, self-contained credentials.

Password login with email verification is now available as a full authentication option alongside social login.

How It Works

Users register with an email address and password. After registration, a verification email arrives with a confirmation link. Clicking the link activates the account. From that point, logging in requires only the registered email and password.

Password requirements follow sensible security defaults: minimum length, complexity requirements, protection against common passwords. These requirements apply uniformly; they can't be bypassed during account creation.

Email Verification Is Not Optional

The email verification step is mandatory, not optional. An account without a verified email cannot access workspace content. This prevents mistyped emails from locking users out and ensures that contact information in the system is valid.

The verification link expires after 24 hours. If a user doesn't verify within that window, they can request a new verification email from the login screen.

Password Reset

Forgotten passwords are handled through the standard reset flow: enter the registered email, receive a reset link, set a new password. Reset links expire quickly — within one hour — and are single-use. After a password is reset, all existing sessions are invalidated.

Mixed Authentication Workspaces

Workspaces can support both password login and social login simultaneously. Users choose which method to use at login time. For users who registered with social login, password login isn't available unless they explicitly set a password in their account settings.

This flexibility means a workspace doesn't have to choose a single authentication method. If most of the team uses social login but a few members need password login, both can coexist without special configuration.

Session Security

Sessions created by password login follow the same security model as sessions from social login: reasonable expiration periods, secure cookie handling, and invalidation on logout. There's no security differential between authentication methods. Both are first-class options.

Related posts

Composed Data Sources

Chain and relate data sources for rich dashboards — compose complex data views from simpler sources without writing code.

Computed Expressions

Transform data with template expressions and built-in functions — format, combine, and derive values from your data without code.

Cross-Source Data Joins

Combine data from multiple sources in one view — join records from your database with data from external services using a shared key.