Skip to main content
Troubleshooting

Login issues — magic links, SMS OTP, and lockouts

# Login issues BizRnR uses passwordless authentication — magic links by email and 6-digit OTP codes by SMS. No passwords to forget, no password reset flows, no…

Login issues

BizRnR uses passwordless authentication — magic links by email and 6-digit OTP codes by SMS. No passwords to forget, no password reset flows, no shared credentials in a sticky note on the monitor. When login goes wrong, it's almost always one of four causes. This article walks through each one.

Symptom 1 — The magic link email never arrives

First check spam. Magic links come from noreply@bizrnr.com and the subject is Your BizRnR sign-in link. Some corporate email filters quarantine them silently — check your spam/junk folder before assuming they're lost.

Allowlist the sender. Add noreply@bizrnr.com to your safe senders list (or ask IT to allowlist bizrnr.com at the domain level if you're on Google Workspace or Microsoft 365). One whitelist entry prevents this from ever happening again.

Confirm the email is right. Typo in the email field? The login page accepts whatever you typed, sends to that address (which doesn't exist), and shows you "check your inbox" because we can't tell the difference between "no such mailbox" and "still being delivered." If nothing has arrived in 5 minutes, re-enter and try again.

Check the rate limit. If you've requested more than 3 magic links in 10 minutes, the 4th won't send — same email, same browser. Wait 10 minutes and try once.

Symptom 2 — The SMS OTP code never arrives

Check the country code. OTP delivery works in 130+ countries, but the phone field needs the country code prefix (+1 for US/Canada, +44 UK, etc.). A 10-digit US number entered without the +1 will silently fail in some carrier paths.

Check your carrier filter settings. Some prepaid carriers (Cricket, Boost, Mint Mobile) aggressively filter codes from short codes. Unblock 5-digit short codes in your carrier app or temporarily disable spam filtering to receive the OTP, then re-enable.

Try a different phone if you have one. If you have a second number on a different carrier, swap to it. If the second number receives instantly, the issue is your primary carrier.

Switch to magic-link login. Click "Use email instead" on the OTP page. Email delivery is more reliable than SMS for first-time signups; once you're in, you can change the default login method in *Settings → Account*.

Symptom 3 — "This link has expired"

Magic links expire after 15 minutes. If you click an old one — for example, you re-requested a link, hit the new one in a different tab, then later went back to the old email — you'll see "expired." Request a fresh link and use the most recent email.

Symptom 4 — "Account locked" message

We auto-lock an account after 10 failed login attempts in 15 minutes. This is anti-bruteforce protection, not punishment. Wait 15 minutes and try again — the lock auto-releases. If you're still locked out after that, email support@bizrnr.com from the email on file and we'll manually unlock you within the same business day.

Symptom 5 — I lost access to the email AND the phone on file

This happens — people change companies, change emails, lose phones. The recovery flow:

  1. Email support@bizrnr.com from any address you can prove ownership of (an old email mentioned in your account history works; the email on file with Stripe also works).
  2. Tell us the business name, the BizRnR phone number, and (if possible) the last four digits of the card on file.
  3. We verify by calling the BizRnR phone number you've been using and asking a verification question against your business profile.
  4. Once verified (usually <1 business day) we transfer login access to whatever email you specify.

We don't do account transfers over chat or via the in-app help — every transfer goes through email + phone-call verification because the alternative is account takeover via social engineering.

Two-factor authentication

Once you're logged in, we strongly recommend enabling 2FA in *Settings → Security*. We support TOTP authenticator apps (Authy, 1Password, Google Authenticator) and SMS as a fallback. With 2FA on, magic-link delivery alone isn't enough to access the account — an attacker would need both your inbox and your phone, which is a meaningful step up in security.

Was this helpful?
© 2026 BizRnR. All rights reserved.