|
|
|
|
|
|
by dolmen
1098 days ago
|
|
|
> Why bother with this? If email is the reset mechanism why does the industry care so much about getting passwords from users? Because you may not have access to your e-mail from the device where you want to use that service. For example, I don't need to have access to my e-mails from my tablet as I'm always reading/writing them on a computer with a keyboard. So I don't want to setup access to my e-mails from my tablet, as it reduces the risks of a bad app leaking them or leaking my credentials. |
|
|
Plus, if you really want to, you could also have a one-time use 6 digit code for login also sent in the email and it would be better for the majority of people that do not use a password manager.
Or if you really, really, really must have your passwords then please invert the default to where login via link is the primary mechanism and passwords are optional on a per-account basis.