[zdw]

Someone needs a history of internet mail. It was never designed to operate in real time or be fast, whereas people expect logins to be fairly quick.

Also, using an email backchannel and one time keys moves the security from an encrypted connection (assuming SSL) to an unencrypted SMTP connection anyone can view...

Back in the good old days of UUCP you might wait a day or two to get mail from across the globe...

[lgbr]

Who really cares what it was designed to do? The fact is, almost the entire userbase is going to receive that email before they can switch tabs to their email inbox. So even though it wasn't designed to be immediate, it is in practice, and we have a whole list of technologies that we use despite intent (HTTP wasn't designed to be stateful, and yet we use it as such constantly).

Mail transmitting is only sometimes encrypted, which is disappointing, but I've yet to hear of an instance where a user account was compromised when the forgotten password link was hijacked by listening to the wire between two mail servers. If it really is a problem, this could also be mitigated easily by only allowing the link to work on the browser that initiated the request.

Frankly, though, I'd love it if this system were implemented if for no other reason than to encourage mail servers to enable TLS on their SMTP backend.

[therandomguy]

I have had to wait couple of minutes for the email show up in gmail or few minutes for it to be delivered to outlook.

[UntitledNo4]

And I recently had to wait about two weeks to get an email from Channel 4 (UK TV channel) to confirm my email...

[DanBC]

> So even though it wasn't designed to be immediate, it is in practice,

But that's by accident, not really by design, and because email isn't supposed to be immediate, and is often outside the user's control, there are very many things that can delay it.