The only reason why this isn’t used, that I can think of, is that there’s some small and yet significant portion of users out there for which this just won’t work, like, for instance, the problem of spam traps. This passwordless scheme requires that the web server can get the email to you.

Don’t get me wrong. I think it’s a great fucking idea.