[gspencley]

Yes, these are often referred to as "Magic Links."

When it comes to the security implications, consider that email has long been a "single point of failure" for a lot of services in the form of the "forgot password" feature that emails you a link to reset your password.

When I'm talking to non-tech people in my life about how best to protect themselves, I usually tell them to think about priorities and disaster scenarios. What would suck the most if it got hacked? The two that are usually at the top of the list for pretty much everyone are email and online banking. Others might include Amazon accounts (hackers can order themselves gift cards with your CC if compromised etc.) Prioritize securing those with a strong password + MFA. The rest is case by case but make sure to use a password manager so you're not reusing passwords.

[HelloMcFly]

I have never seen a use of a Magic Link that wasn't because I asked the Magic Link to be sent to me. Never, ever had one sent to me in a marketing/engagement email.

[acaloiar]

Facebook is able to realize outsize cross-web tracking benefits by having you logged in as long as possible. Few other companies are able to realize comparable benefits because they don't have the same ad-serving aspirations coupled with "Login with Facebook" reach.

Google is comparable, but it's too risky for them to have so many magic links hanging around in customer inboxes, because Google identities tend to be tied to far more sensitive 3rd party applications. Which is not to say that there are no sensitive applications with "Login with Facebook", but I'll argue there are fewer.