|
|
|
|
|
|
by jonalexr
4965 days ago
|
|
|
It's great to get different perspectives on the concept. I agree that enforcing rules and resets does impact user experience. What if the user was to authenticate once via SMS (we send them a code and they enter it within a reasonable time period), and once they do, they're authenticated for an infinite amount of time. This way they don't need to remember a passcode, and just need to have their phone on them when accessing the website from a new computer - a similar experience to two factor auth. |
|
|