by lewisl9029 3294 days ago
Square Cash is the most prominent example I know of for an email-based passwordless login system, and I personally really like it.

> then log in using that non-password every single time I want to log in?

The key piece of UX in these systems is you don't make the user do this every time, but rather only when logging in on new devices, and after a reasonable expiration date, say 30 days.

For the average HN user, this might not be much of an improvement in terms of security or UX compared to a regular password system when used with a good password manager. The average internet user is and always will be much less sophisticated, however, and is someone who can manage to regularly forget even their really crappy passwords (if they use more than 1 password to begin with).

For the average user, I think this system improves both UX and security by a large degree because for UX, it removes the need to remember more than 1 password (the password to your email serves as your master password), and for security, it verifies identity using the ability to access an email and a device (browser) rather than the mere knowledge of an email and a password.
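The flow this comment describes, sketched as an added example (not part of the original comment and not Square Cash's implementation): a one-time emailed token is exchanged for a per-device token that expires after 30 days. The class and method names, the in-memory stores and the 15-minute link lifetime are assumptions.

```python
import hashlib
import secrets
import time

LINK_TTL = 15 * 60            # assumption: emailed link is valid for 15 minutes
SESSION_TTL = 30 * 24 * 3600  # the 30-day device expiry suggested in the comment


class PasswordlessAuth:
    def __init__(self):
        self.pending = {}   # sha256(link token) -> (email, expires_at)
        self.sessions = {}  # sha256(device token) -> (email, expires_at)

    @staticmethod
    def _digest(token):
        # Store only hashes so a leaked table cannot be replayed as tokens.
        return hashlib.sha256(token.encode()).hexdigest()

    def request_login(self, email, now=None):
        """Return the one-time token that would be emailed as a link."""
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)
        self.pending[self._digest(token)] = (email, now + LINK_TTL)
        return token

    def redeem(self, link_token, now=None):
        """Exchange an emailed token for a device token (set as a cookie)."""
        now = time.time() if now is None else now
        # pop() makes the link single use, even if it has already expired.
        entry = self.pending.pop(self._digest(link_token), None)
        if entry is None or now > entry[1]:
            return None
        device_token = secrets.token_urlsafe(32)
        self.sessions[self._digest(device_token)] = (entry[0], now + SESSION_TTL)
        return device_token

    def whoami(self, device_token, now=None):
        """Return the email for a known, unexpired device, else None."""
        now = time.time() if now is None else now
        key = self._digest(device_token)
        entry = self.sessions.get(key)
        if entry is None:
            return None
        if now > entry[1]:
            del self.sessions[key]  # expired: user must go through email again
            return None
        return entry[0]
```

A new browser has no device token, so `whoami` returns `None` and the user is sent back through `request_login`; a known browser skips the email step until its token expires.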

1 comments

This simply sounds like a forced password reset scheme, which I don't see the benefit of. Standard passwords can accomplish exactly the same thing with the added advantage of allowing instant log-in if you remember your password.