Authentication
Crosscheck uses passwordless authentication exclusively. There are no passwords to create, remember, or manage. You sign in using a one-time password (OTP) sent to your email, a magic link, or Google OAuth.
Authentication Methods
Email OTP
Enter your email and receive a one-time password. Enter the code to sign in. The OTP expires after a short window for security.
Magic Link
Request a magic link sent to your email. Click the link to sign in instantly without entering any code. The link is single-use and time-limited.
Google OAuth
Sign in with your Google account in a single click. No additional setup required. Your Google email is used to match or create your Crosscheck account.
Signing In with Email OTP
Enter Your Email
Check Your Inbox
Enter the OTP
Signing In with a Magic Link
If you receive a magic link via email, clicking it will sign you in automatically in the browser that opens the link. Magic links are single-use and expire after a short time for security.
Extension Authentication
The Chrome extension shares your authenticated session with the web application. When you sign in on the Crosscheck dashboard and then open the extension, it automatically receives a secure token that keeps you authenticated.
If you sign out of the dashboard, the extension token is invalidated and you will need to sign in again to continue using the extension.
Session Management
Sessions are managed with secure, industry-standard tokens. Key points:
- Tokens are short-lived and automatically refreshed.
- Every request is verified before processing.
- The extension shares your authenticated session securely.
After Your First Sign-Up
When you sign up for the first time, you will be guided through a short onboarding flow where you provide your first name, last name, and profession. This helps personalize your Crosscheck experience.