SleekView for Passwordless Login: token issuance and use as tables
Passwordless Login emails short-lived tokens and writes their issuance and expiry state into WordPress options and wp_usermeta. SleekView reads those records and renders the token activity as a filterable workspace.
♾️ Lifetime License available
Magic links work, but the per-link history is invisible
The Passwordless Login plugin replaces password prompts with a short-lived emailed token. Each request writes a token row, expiry timestamp, and used flag into WordPress options or per-user usermeta depending on the build. The default plugin screens cover settings and request rate limiting, not the cross-user log of who has been asking for magic links, from where, and how many tokens have actually been used.
SleekView reads the token records directly. User, requested at, expires at, used at, IP, and user agent become first-class columns. Filter to used equals false and expires within the last hour to see the bounce rate of magic links your team is sending. Sort by IP to spot a single address generating bursts of token requests. Save the view and reopen the on-call dashboard with one click.
The plugin keeps owning token generation, email delivery, and the login redemption flow. SleekView adds only the audit surface so the team can see the magic-link activity as data instead of as scattered log lines.
Workflow
From a magic link to a queryable audit log
Pick the source
wp_options or wp_usermeta. SleekView normalises both into a single token-log dataset.
Compose columns
Save the audit views
Edit inline and revoke
Sample columns
Passwordless Login token activity
wp_options + wp_usermeta (passwordless_login token records)
| User | Requested | Expires | Used | IP | Status |
|---|---|---|---|---|---|
| alex@studio.co | 12m ago | in 3m | Yes | 198.51.100.42 | Redeemed |
| ria@design.io | 28m ago | Expired | No | 203.0.113.7 | Expired unused |
| tom@hello.dev | 1h ago | Expired | Yes | 192.0.2.55 | Redeemed |
| mia@brew.coop | 2h ago | Expired | No | 198.51.100.42 | Suspicious burst |
Comparison
Default Passwordless Login admin vs SleekView
Default Passwordless Login admin
- Per-token records live in options or usermeta and are not exposed as an admin table
- No filter for unused tokens about to expire
- Burst requests from one IP cannot be ranked without a custom query
- Used-vs-unused ratio is not surfaced for deliverability review
- Compliance exports require WP-CLI access to read the underlying option values
SleekView
- Token records as a sortable, filterable workspace
- Filter by user, IP, used state, or expiry window in one click
- Sort by request count per IP to surface suspicious bursts
- Saved views for daily redemption review and audit windows
- CSV export of the exact token log on screen, filters preserved
Features
What SleekView gives you for Passwordless Login
Redemption review
A saved view of magic links issued today, with the used boolean as a column, shows the redemption rate of your transactional email at a glance.
Burst detection
Sort by IP and group by user. Bursts of token requests from one origin become visible without parsing the plugin's options table by hand.
Expiry triage
Filter to tokens issued in the last fifteen minutes but not yet redeemed. The view becomes a deliverability checklist for support.
Audience
Who uses SleekView for Passwordless Login
Customer support
When a user says 'I never received my magic link', the support agent opens the per-user view, sees the issued token, the expiry, and whether it was redeemed.
Security analysts
Burst detection by IP and user-agent string reveals automated requests targeting account enumeration through the magic-link form.
Compliance reporters
An audit-window export of the token log becomes the authentication evidence in the security report, without WP-CLI access for the analyst.
The bigger picture
Magic links work, but only when the log is queryable
Passwordless authentication is a great fit for content sites and editorial workflows because it removes one of the most common credential-leak vectors. The trade-off is that every link is a short-lived token, and the operational story of those tokens (issued, delivered, redeemed, expired, or replayed) is exactly the audit surface that the default plugin screens do not provide. SleekView reads the plugin's underlying token records, whether they live in wp_options or wp_usermeta, and renders them as a queryable workspace.
Support, security, and compliance teams each get a saved view tuned to their question. The plugin keeps owning generation, delivery, and redemption. The team gets a real audit log inside WordPress without exporting from the database by hand, and the suspicious-burst case stops being something that gets noticed only after a support ticket arrives.
Questions
Common questions about SleekView for Passwordless Login
Builds vary. Some write each token as a row in wp_options with a hashed key, others stage state in wp_usermeta. SleekView reads whichever storage backend your build uses, mapping the fields the same way either side.
No. SleekView surfaces presence and metadata only. The hashed token value is treated as a sensitive field and hidden by default in the column configuration.
Yes. The expiry timestamp and the used boolean are both filterable columns, so 'issued, expired, never used' is a one-click predicate.
Yes if the plugin captures it. The IP and user-agent fields become first-class filterable columns when present, which is what burst detection needs.
No. SleekView reads on admin requests only. Token generation, email delivery, and redemption remain entirely on the plugin's hot path with no additional queries injected.
Yes. Each site stores its own token records, and a super-admin can build a network-wide view that aggregates the token logs across blogs.
Where the plugin exposes a revoke endpoint, the inline action calls it. Otherwise the token row is deleted directly with a conflict-check on concurrent edits so two admins cannot revoke the same token twice.
Yes. Filtered to a single user, the token log exports to CSV as part of the authentication-events evidence for a data-subject access request.
Pricing
More than 1000+
happy customers
Explore our flexible licensing options tailored to your needs. Upgrade your license anytime to access more features, or opt for a lifetime license for ongoing value, including lifetime updates and lifetime support. Our hassle-free upgrade process ensures that our platform can grow with you, starting from whichever plan you choose.
Lifetime ♾️
Most popular
EUR
once
- Unlimited websites
- Lifetime updates
- Lifetime support
...or get the Bundle Deal
and save €250 🎁
The Bundle (unlimited sites)
Pay once, own it forever
Elevate your WordPress site with our exclusive plugin bundle that includes all of our premium plugins in one package. Enjoy lifetime updates and lifetime support. Save significantly compared to buying plugins individually.
What’s included
-
SleekAI
-
SleekByte
-
SleekMotion
-
SleekPixel
-
SleekRank
-
SleekView
€749
Continue to checkoutBrowse more
- Thrivecart Funnels
- Slicewp
- Woocommerce Quaderno
- Skubana Wp
- Wcfm Vendor Staff
- Wp Lister Lite
- Woocommerce Product Comparison
- Wcfm Frontend Manager
- Woocommerce Deutsche Post
- Yith Woocommerce Checkout Manager
- Woocommerce Product Vendors Pro
- Woocommerce Name Your Price
- Surecart Cart
- Authorize Net
- Woocommerce Sendcloud