Mike Linksvayer » Passwordless login « the WordPress of Lucas Gonze
Why do sites force frequent logins anyway?
Especially given this process:
- You get a mail from a social network saying that you have a message there.
- When you go to the URL of the message at the social network, you get bounced to a login screen to ensure that you have the right security credentials.
- But anybody with access to your email can obtain the credentials.
- So what is the point of hassling you for the password?
The only reason why this isn’t used, that I can think of, is that there’s some small and yet significant portion of users out there for which this just won’t work, like, for instance, the problem of spam traps. This passwordless scheme requires that the web server can get the email to you.
Don’t get me wrong. I think it’s a great fucking idea.
Not sure I get the spam traps issue. Can you say a bit more about it?
But yeah, I’ll bet there are people for whom this wouldn’t work, though they would be way on the wrong side of the 80/20 rule.
Here’s someone else asking a similar question of another site: http://getsatisfaction.com/slideshare/topics/topic_why_do_i_need_to_login_again_when_i_am_linking_to_the_page_from_a_mail_i_receive