locked Re: Lost passwords, no passwords and reset password, oh my


 

In general, I like the concept of allowing sign-in-via-email as proposed, and I think it will help reduce confusion.

The main thing I can think of that could go wrong is if an email provider goes out of business (or otherwise stops delivering Groups.io mail for any reason), and a user wants to switch to another email provider. If that user doesn't have a password and can't log in via Facebook or Google+, is there any way to accomplish that?

There might also be paranoid individuals who would want to block this feature. True, if you could monitor someone's email, you could also get access to their account via the change password feature, but that would be detectable because the old password wouldn't work anymore. If you could send, use, and delete non-password login links, you could impersonate someone for extended periods of time without detection. Again, this is more theory than realistic.

JohnF

Join main@beta.groups.io to automatically receive all group messages.