| There have already been a few discussions on HN about this topic: https://news.ycombinator.com/item?id=42627453
https://news.ycombinator.com/item?id=43680597 First world problems, but I'll emphasize it one more time. There are several annoyances with magic link authentication: - No email access: People might not have access to their email on the current device or at that moment (using a public computer, phone without email configured, etc.) - Context switching: I deliberately avoid checking email to maintain focus. Being forced to open inbox breaks concentration and exposes us to distractions I was trying to avoid Technical friction: Logging into email can be slow (especially with 2FA, etc), mail delivery can be delayed or end up in spam, links often open in a different browser/app, breaking the session
Using a different device to check email means you can't continue on your original device. - Clipboard disruption: Users might have something important copied and don't want to replace it(just to paste your magic link in the right tab) The ask is simple: Give us at least one "normie" option! Every sane person nowadays uses a password manager anyway. (Yes, if you don't - you should be using one!) I believe this trend stems from Auth0/Okta/etc/"modern" auth providers pushing their preferred patterns, combined with a "move fast and break things" mentality that prioritizes developer convenience over user experience. Please - reconsider it. |
> Every sane person nowadays uses a password manager anyway
First, basically no one is using a password manager and, if they are, the password manager is on their phone.
If they're savvy enough to use a password manager, their email is configured on their phone too.
> I deliberately avoid checking email to maintain focus.
> Clipboard disruption
Self-inflicted problems.