Category Archives: identity

no more passwords

When I forget my password, don’t use my email to confirm that I have authority to reset it, use my email to log me in. Just treat an email address as a flavor of Open ID and we’ll all get along fine.

I don’t even save passwords for a lot of sites. I auto-generate a new random password, use it to login or create the account, and use password recovery by email whenever the site logs me out.