Security in healthcare matters. But so does simplicity.
Most dental software barely offers online portals at all. And when it does, people don’t use them, because signing up is a hassle. Set a password, confirm your email, remember your login, reset it when you forget. It’s too much friction for something that should be simple.
On the staff side, it’s wasted time. Forgotten passwords, locked accounts, reset emails, IT requests. All for a system they use every day. None of that helps anyone do their job.
So we’ve changed the default.
Passwords are no longer the starting point
When a practice registers a patient in Lumina, their account is created automatically. The patient doesn’t need to sign up, set a password, or do anything at all. They’re already in the system.
When they come to log in for the first time, it works like this:
- The user enters their email
- They receive a one-time code
  - If a mobile number is on file, the code is sent via SMS
  - If not, it falls back to email
- They enter the code and they’re in
That’s it.
No sign-up process. No temporary passwords. No “please reset your password” emails. Just a code, and they’re in. People are used to this now. It’s how most modern apps work, and it’s exactly what removes the friction that stops patients engaging with portals in the first place.
Less friction means more engagement. Patients actually use the portal. They read their Lumina Health Reports, pay more attention to their clinical health, book appointments online, and stay connected with the practice. That’s better outcomes for patients and better value for you.
And importantly, all messaging is handled by Lumina. Practices don’t need to configure anything, manage providers, or worry about how delivery works.
Why this is better
This approach removes one of the biggest risks in account security: passwords themselves.
- No passwords to intercept
- No passwords to reuse
- No passwords to forget
Even if someone gained access to a user’s email account, they would still need the one-time code, which expires quickly and can be sent over a separate channel such as SMS.
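The login steps described earlier (email address, then a one-time code sent by SMS or by email as a fallback, with quick expiry) can be sketched server-side as follows. This is an added example, not Lumina's code: the 5-minute lifetime, 6-digit code, 5-guess limit, in-memory store and all function names are assumptions.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL_SECONDS = 300                # assumption: the page only says the code "expires quickly"
MAX_ATTEMPTS = 5                      # assumption: guess limit, not stated on the page
SERVER_KEY = secrets.token_bytes(32)  # keeps stored digests useless without the server secret
_pending = {}                         # email -> pending code record; stands in for a server-side store

def _digest(email, code):
    # Keyed hash bound to the account: the plaintext code is never stored.
    return hmac.new(SERVER_KEY, f"{email}:{code}".encode(), hashlib.sha256).digest()

def pick_channel(user):
    """SMS when a mobile number is on file, otherwise fall back to email."""
    return ("sms", user["mobile"]) if user.get("mobile") else ("email", user["email"])

def issue_code(user, now=None):
    """Create a one-time code; return (channel, destination, code) for delivery."""
    now = time.time() if now is None else now
    code = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, not the random module
    # Issuing a new code overwrites, and so invalidates, any earlier one.
    _pending[user["email"]] = {"digest": _digest(user["email"], code),
                               "expires": now + CODE_TTL_SECONDS, "attempts": 0}
    channel, destination = pick_channel(user)
    return channel, destination, code

def verify_code(email, submitted, now=None):
    """True once for the right code; fails closed on expiry, reuse or too many guesses."""
    now = time.time() if now is None else now
    entry = _pending.get(email)
    if entry is None:
        return False
    if now > entry["expires"] or entry["attempts"] >= MAX_ATTEMPTS:
        del _pending[email]           # expired or locked out: a fresh code must be issued
        return False
    entry["attempts"] += 1
    if hmac.compare_digest(entry["digest"], _digest(email, submitted)):
        del _pending[email]           # single use
        return True
    return False

if __name__ == "__main__":
    patient = {"email": "pat@example.test", "mobile": "+447700900123"}  # constructed sample
    channel, dest, code = issue_code(patient)
    print(channel, dest, verify_code(patient["email"], code), verify_code(patient["email"], code))
```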
Even when passwords are used, we don’t store them
For users who choose to switch back to a traditional password, we still take a modern approach behind the scenes.
Lumina does not store or manage passwords directly within our systems. Authentication is handled using secure, industry-standard identity infrastructure, meaning:
- Passwords are never stored in Lumina databases
- We don’t have access to them
- There is no risk of them being exposed from our platform
This gives you the familiarity of passwords, without the typical risks associated with managing them.
Passkeys: the next step (and yes, they’re as good as they sound)
Once logged in, users can upgrade their account with passkeys.
If you’ve not come across passkeys yet, they’re quickly becoming the new standard, backed by companies like Apple, Google, and Microsoft.
In simple terms, a passkey lets you log in using:
- Face ID or fingerprint
- Your device PIN
- A secure credential stored in a password manager
No password required at all.
Behind the scenes, passkeys use cryptographic keys that never leave your device. That means:
- Nothing to steal from a database
- Nothing to phish
- Nothing to reuse elsewhere
They work with tools like Google Password Manager, iCloud Keychain, 1Password, LastPass, and more, and they work across devices.
For users, it feels simple. Tap, look, or unlock. Done.
For security, it’s a huge step forward.
Already using Google or Microsoft? Use that instead
If your practice runs on Google Workspace or Microsoft 365, your team can sign in to Lumina with those same accounts. This is called single sign-on (SSO), and we fully support it.
For staff, we’d actually recommend it. They’re already signed in to their work email, calendar, and files, so signing in to Lumina becomes one click. Same account, same login, across every tool your practice uses.
It also means your admin can manage everything in one place. See who has access, track usage, and if someone leaves the team, remove their access to Lumina and everything else in a single step.
Since Lumina is already passwordless by default, this isn’t about avoiding yet another password. It’s about consistency and central control.
The passwordless flow described above is simply the default for accounts that aren’t linked to a provider, which is most patients and practices that don’t use Google or Microsoft centrally.
Flexibility where you need it
We know every practice operates differently, so nothing is locked down unnecessarily.
Once logged in, users can:
- Sign in with Google, Microsoft, or another trusted provider
- Switch back to a traditional password if they prefer
- Enable multi-factor authentication using codes
- Choose a setup that suits them
At an organisation level in Lumina Admin, you can:
- Require MFA for staff
- Require MFA for patients
- Leave it optional if you prefer
That means you can move at your own pace, while still benefiting from a stronger default.
A better default for modern practices
The key shift here is simple:
Security is no longer something you bolt on. It’s built into the first login.
Patients get a smooth experience without friction. Staff don’t have to manage passwords. Practices don’t have to configure anything.
And for those who want the highest level of security, passkeys are ready to go.
No other dental software is doing this. Not SOE, not Dentally, not anyone else in the market. Passwordless by default, passkey support, SSO, and flexible MFA controls are not standard in dental practice management. We think they should be.
This is where authentication is heading across every industry. We’re just making sure UK dental practices get there first, without the usual complexity.