erin 💫

new thing to hate: websites taking their account systems "passwordless" by just emailing a login link every time you sign in. fucking terrible user experience on mobile. password autofill? no lol, fuck you, manually open your email app and wait 30 seconds for the message to arrive so you can click a link that opens in your browser before redirecting you back into the app

i hate technology

Feb 27, 2024 at 2:55amWeb
Show threadJay 🆘Feb 27, 2024
@erin Sometimes they brag about this, too! There’ll be “casual” copy that says like, “We don’t believe in passwords! Pretty cool, huh?”
Show threadErlendFeb 27, 2024
@erin Yeah, I don't like that either...
I can understand that they don't want to have to store passwords - but at least support passkeys and "Login with..." then!
Show threadpost-Gundam cryptographyFeb 27, 2024
@erin it took a previous employer years to get off of this, which we did because, among other reasons, people kept forwarding their sign-in links to other people by accident
Show threaderin 💫Feb 27, 2024
@vyr hahahaha that's fantastic
Show threadusernameFeb 27, 2024
@erin I think it definitely depends on what the audience is. 99% of people use the same password for everything. Not letting them use a password is far safer.
Show threaderin 💫Feb 27, 2024
@username i don't think that's an improvement though? if they use the same password for everything then an attacker has instant access to their email which has the login code. it's worse UX with no tangible security benefit; it only exists to push the burden of helping users be secure off one service and onto another (the user's mail service)