Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
C0D4669025yUser/password flow works, magic links or auto login links just remove 2 text boxes from your flow.
No really, you would still send them an email to verify the account/email address, you would still want 2FA on your app/website, you're reset password flow would still need to account for 2FA being enabled, something I'm pushing my company to bring in.
A magic link removes this security, and now relies on the user not having their email account breached to hijack their account on your service.
Don't be the weak link.
This kind of service is nothing more then sending the user their password back to their email address when pressing "lost password"
But hey, "no passwords are easier" -
Root797675y"Let's make things easier! Who cares if it's objectively worse in every possible way, save convenience?"
Fires burn in the distance.
What your opinion on this password-less login thing magic (https://magic.link/).
I think it's interesting, but would you consider it something worth putting time Into learning asap?
question