Signing in & account security

What it does

Quickie gives you several ways to sign in, so you can pick whatever is easiest and most secure for you:

• Magic link — we email you a one-click link, no password to remember.
• Email & password — a classic password sign-in, with a "Forgot password?" recovery flow.
• Social login — one tap with Google, Microsoft or Apple (whichever your business has set up).
• Passkey — sign in with Touch ID, Face ID, Windows Hello or a security key — nothing to type.

From Settings → Account & security you can change your email, set or change your password, add/remove passkeys, and connect or disconnect social accounts.

Where to find it

• Sign in: /auth/sign-in (you're sent here whenever you're signed out).
• Forgot password: "Forgot password?" on the sign-in form → /auth/forgot-password.
• Reset password: the link in the reset email → /auth/reset-password.
• Account & security: Header → avatar menu → Settings → the Account & security card (/dashboard/settings).

Step by step

Sign in with a password

1. Go to the sign-in page and keep the Password tab selected.
2. Enter your Email and Password.
3. Click Sign in. You'll land on your dashboard.

Sign in with a magic link

1. On the sign-in page choose the Magic link tab.
2. Enter your email, then Email me a magic link.
3. Open the email and click the link (it expires in 15 minutes and works once).

Sign in with Google / Microsoft / Apple

1. Click Continue with Google (or Microsoft/Apple) on the sign-in page.
2. Approve in the provider's window. You'll be returned to Quickie, signed in.
3. If you cancel or it fails, you'll come back to the sign-in page with a short message — just try again.

Sign in with a passkey

1. Click Sign in with a passkey.
2. Approve with your device (fingerprint, face or security key).

• If your browser doesn't support passkeys, the button won't appear — use another method.

Create an account

1. On the sign-in page click Create an account.
2. Enter your name, email and a password (8+ characters, with a letter and a number), then Create account.
3. Check your inbox and click the verification link before signing in.

Reset a forgotten password

1. Click Forgot password? on the sign-in form.
2. Enter your email and Send reset link. You'll always see the same confirmation (we never reveal whether an email is registered).
3. Open the email, click the link, choose a new password and Update password. The link expires in 1 hour and works once.

Change your email

1. Settings → Account & security → Email address.
2. Type the new email and Change email.
3. If your current email is verified, it's a two-step confirmation (this protects you if someone ever got into your account):
4. We email your current address a confirmation link — click it to approve.
5. We then email the new address a verification link — click that to finish the switch.

Until both are clicked, your email stays the same.

1. If your current email isn't verified yet, the change applies immediately.

Set a password (for passwordless accounts)

If you only ever signed in by magic link, social or passkey, you'll see Set a password:

1. Settings → Account & security → Set a password.
2. Enter and confirm a strong password, then Set password. You can now also sign in with email + password.

Change your password

1. Settings → Account & security → Change password.
2. Enter your current password, then your new password twice, and Change password.
3. Other devices are signed out for safety.

Add or remove a passkey

1. Settings → Account & security → Passkeys.
2. Optionally name it (e.g. "MacBook Touch ID"), then Add a passkey and approve with your device.
3. Remove one with the trash icon next to it.

Connect or disconnect a social account

1. Settings → Account & security → Connected accounts.
2. Connect to link Google/Microsoft/Apple, or Disconnect to unlink. (You can't disconnect your only remaining way to sign in.)

What each screen shows

• Sign-in card — Password/Magic-link tabs, email + password, "Forgot password?", social buttons, the passkey button, and a "Create an account" toggle. Only the social providers your business configured are shown.
• Account & security card — your current email and whether it's verified; set/change password; your registered passkeys; and your connected social accounts.

Tips & good to know

• Forgot password also works if you've never set one. If you only ever used a magic link or social/passkey, requesting a reset still emails you a link — completing it simply creates a password on your account (your inbox is the proof of identity). So "Forgot password?" is also a way to add a password without signing in first.
• Passwordless is fine. You never have to set a password — magic link, social and passkeys all work on their own.
• Passkeys are the most secure and the fastest on a phone.
• Verification emails in development print to the server log instead of being sent (when EMAIL_PROVIDER is console).

Troubleshooting

• "This reset link is invalid or has expired." Links last 1 hour and work once — request a new one.
• A social button is missing. That provider isn't configured for your deployment (see the admin notes below).
• No passkey button. Your browser/device doesn't support passkeys — use a password or magic link.
• Can't disconnect a social account. It's your only sign-in method — set a password or add another method first.

For administrators (setup)

• Environment variables live in .env.local (see .env.example). Key ones: BETTER_AUTH_SECRET, BETTER_AUTH_URL, the email provider settings, and the OAuth *_CLIENT_ID/*_CLIENT_SECRET pairs.
• Social providers are env-gated: a provider only appears when both its id and secret are set. Add the redirect URI <BETTER_AUTH_URL>/api/auth/callback/<provider> in the provider's console.
• Passkeys derive their domain (RP ID) and origin from BETTER_AUTH_URL. Locally that's localhost; in production set it to your real, stable domain — passkeys are bound to it.

Related guides

• Getting Started
• Settings
• Team & Members