[NoahZuniga]

Consensus in the security space is that passwords are really bad. So many products are migrating away from passwords to magic links/passkeys.

[andyjohnson0]

It seems to me like magic links are just off-loading the auth problem to email.

If magic links become increasingly common then email† account access increasing becomes a single point of vulnerability/failure. And email providers obviously can't use magic links for auth. I dont know what the solution is.

† or IM services

[NoahZuniga]

Well, password practically always has reset my password emails. So you have the "off-loading" problem either way.