Hacker News new | ask | show | jobs
by alnorth 4262 days ago
Yeah, but you're not introducing a new failure point. Most services already let you reset your password - as long as you can click a link they send to you in an email.
2 comments
edwintorok 4262 days ago
If you reset the password the user would notice that he can't login next time. If you steal&delete the email with the one-time login token the user won't notice, so there is a difference...
link
ravloony 4262 days ago
Of course, missed that somehow.

With that out the way, this is really interesting stuff, although some people may end up with crowded inboxes.

link