Can I implement passwordless authentication in legacy applications? (Blog: passwordless)