Hacker News new | ask | show | jobs
by busterarm 2898 days ago
How does that deal with email providers that follow all links with their virus scanner? (many corp emails...)

Usually these credentials are one-time usage.
2 comments
LeifCarrotson 2898 days ago
"Click to continue" Javascript on the landing page, IME. Or a time-based limit, which seems more user-friendly: if you close the tab you can reopen it or go back to your email.
link
vxNsr 2898 days ago
I'd guess however any service that requires account confirmation to work.

This sounds like a solved problem, though I don't really know.

link
busterarm 2898 days ago
Not everyone as solved it. It is an actual issue that people have.
link
vxNsr 2897 days ago
No I mean that seeing how widespread click-to-confirm emails are I'd think there are best practices for how to implement them to avoid fake clicks. Whether those ideas are followed by everyone is another story, but all the pitfalls that people are pointing out apply in one way or another to the password system as well.
link