top | item 42630635

(no title)

dmattia | 1 year ago

They are sometimes required. Say you are on a mailing list for some company you gave your email to at some checkout counter one time, and you want to unsubscribe. You probably don't have an actual account with a login with that retailer, they just have your email address.

In this case, what alternative is there than having a magic link in the footer of that email that says "unsubscribe" that includes a token unique to that email address that acts as proof of owning an email account when you then click that link and ask to unsubscribe?

discuss

ale42|1 year ago

There are many options where such links are a reasonable option. I'm okay to receive such a link to validate my e-mail for an account creation, or to unsubscribe from a mailing list at a place I don't have an account at, or to display an order status page at a shop where I ordered as a guest without creating an accoung.

But using them as the only option to login is really, really annoying. Mails can get trapped in spam filters, delayed by intermediate server overload or spam filters that sometimes take 10 minutes, servers doing graylisting... Plus all the other annoyances listed in the article (e.g. multi-device users, in-app browsers). At the very least, support passkeys if you really don't want to store (hashed) passwords. And no, SMS is not an alternative: I was several times barred from logging in to a service because SMS wasn't properly working (can happen easily while roaming abroad).

muppetman|1 year ago

Yes, sorry. I mean in the same way as the other person who's replied to you. Don't give me an "account" somewhere I'm expected to use on a regular basis but require me to use magic links.

unknown|1 year ago

[deleted]