toggle quoted messageShow quoted text
Judy, so what if they have your email address.
Your address, my address, everyone's address is already out there.
So, for grins, let's assume thy have my address.
What good does that do them?
Even if they receive all my email, what good does that do them?
Access to my account is sent to me via a link in an email message,
by the time they see it, I have already used it, and it is only
usable once, so it does them no good.
And, it is only available for 15 minutes, so they would have to be
sitting right there watching in order to intercept it before I get
it, and that is not likely because I am sitting right there
waiting for the reply with the link.
On 6/30/2015 5:04 PM, J. Faulkner wrote:
I’m not Steph, but by
using your email address to get the link. They can easily get
email addresses now.
Steph, did you read the link that mark sent?
It said that you send in your email address, they send
back (in an email message to your email address) a link
that you use.
You use that link to access your site.
How would a hacker get that email message/link?
On 6/30/2015 3:24 PM, Steph wrote:
I have a question
People find anyway they
can to hack people's accounts.
So, how would this keep
the hackers out? That is my only concern.
Sent: Tuesday, June 30, 2015 11:25 AM
Subject: [beta] Eliminate passwords?
A new trend seems to be to eliminate
passwords in logins. See this article about Medium,
which outlines the approach:
What do you think? We already have a
class of users that don't have passwords - people who
subscribed via email, and if they ever want to log
into the website they have to either go through a
social login, or go through the 'forget my password'
flow. It would make things more consistent to just say
that nobody has a password. To log in, if not through
Facebook/Google, then simply enter your email address
and you'll be emailed a link to log in.