Should we support "Login links"? #2215
mikekasprzak
started this conversation in
Ideas
Replies: 1 comment
-
I gotta admit, login link + hardware key/authenticator code is a pretty secure way to login. So long as emails are guaranteed to deliver quickly, it's totally viable. Again, most websites let you get away with doing a password reset to recover your account. One time use recovery codes are a pain though. 🤔 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I forgot my password on a website, and noticed there was a button that would send me an email with a special URL that logged me in without my password. That was kinda nice.
The question is this a significant enough security concern?
Most websites could let you reset your password via email anyway. This just saves a step.
In the same vein, this would enable a way to do password-less logins. Honestly, getting a login link may be more secure than passwords in general. 🤔
Beta Was this translation helpful? Give feedback.
All reactions