|
|
|
|
|
|
by shanecleveland
3295 days ago
|
|
|
Not saying your are wrong in your preference, but you can similarly use a password manager to save the email address used for a password-less login. So perhaps not a good argument against passwordless logins in general, though I am sure there are many good reasons against it. So far, the few arguments against here are individual, convenience-based reasons. Those are certainly valid reasons, because if you inconvenience a potential user, they may never become an actual user. Not everyone has a password manager, and many people use the same username, email and password across many services. The larger danger can be that if one service is hacked, it may provide a hacker access to many services, including email. A provider of a service with a passwordless login would never have to worry about being the root cause of such a breach. And, as long as the users' email was not hacked, would not be susceptible to malicious activity through another hacked service. One question for the OP: What kind of service are we talking about? If the information is sensitive, then perhaps it is not a good idea. If it would be safe to keep a user logged-in after a session ends, then maybe a good consideration. By limiting the number of login requests, then you reduce the inconvenience. |
|
|
Sure, but it still adds an extra step; my current manager doesn't have a "log into the email address you used to register with this site" button.
But you're right, there are advantages to email-based login.