by Isammoc 3926 days ago
I've seen a website without a password. To log in, you have to fill in your email address, and they send you an email with a one-time auto-login token.

It was great!

But (because there is a "but") it was (I repeat) a one-time auto-login token.

If there was a forever auto-login token, this mail may be lost, duplicated, or worse, compromised.

The one-time auto-login is "secured" in the way that you know you will have first access to this mail (mail is mostly unsafe) and the link worked.

Advantage: only one password (double authenticated for several providers) for your mail, as would be an OAuth connection.

In a transactional mail? Muh... "transactional" means with an action, but commonly with a paid action, with private information like a credit card number... I will not feel safe if in the same email I have a confirmation that I have paid something (i.e. advice about payment information is provided) and a link that allows the mail reader to get that information.

Those were my 2 cents.
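
Added example, not part of the comment above or of any site it mentions: a sketch of the one-time e-mail login token the comment describes, showing why a replayed link fails where a "forever" token would not. The class name `MagicLinkStore`, the 10-minute lifetime and the rule that a newer link supersedes an older one are assumptions; the comment only says the token works once.

```python
import hashlib
import secrets
import time


class MagicLinkStore:
    """In-memory store of single-use e-mail login tokens (hypothetical name)."""

    def __init__(self, ttl_seconds=600, clock=time.time):
        self.ttl = ttl_seconds          # assumed lifetime; the comment gives none
        self.clock = clock              # injectable so expiry can be tested
        self._pending = {}              # sha256(token) -> (email, expires_at)

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, email):
        # Assumed policy: a new request invalidates any unused link for that address.
        self._pending = {d: v for d, v in self._pending.items() if v[0] != email}
        token = secrets.token_urlsafe(32)   # 256 bits from the OS CSPRNG
        self._pending[self._digest(token)] = (email, self.clock() + self.ttl)
        return token    # goes into the mailed link; only its hash is stored

    def redeem(self, token):
        """Return the e-mail address on the first valid use, otherwise None."""
        # pop() removes the entry, so a copied or forwarded link cannot be replayed.
        entry = self._pending.pop(self._digest(token), None)
        if entry is None:
            return None
        email, expires_at = entry
        return email if self.clock() <= expires_at else None


def demo():
    """Constructed walk-through with a fake clock; returns the four outcomes."""
    now = [1000.0]
    store = MagicLinkStore(ttl_seconds=600, clock=lambda: now[0])
    old = store.issue("user@example.test")
    new = store.issue("user@example.test")    # supersedes `old`
    superseded = store.redeem(old)
    first = store.redeem(new)
    replay = store.redeem(new)                # same link a second time
    late = store.issue("user@example.test")
    now[0] += 601                             # one second past the lifetime
    expired = store.redeem(late)
    return superseded, first, replay, expired
```
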