Why I love Magic ✨ Login Links from 3 Minutes with Kent

3 Minutes with Kent

Kent C. Dodds

Episodes

About

Reviews

Promote

Why I love Magic ✨ Login Links

2 minutes Posted Apr 27, 2021 at 2:41 pm.

0:00

2:58

Download MP3

Share at current time

Show notes

Hey friends So I am working on a rewrite of my website can see downs.com

and one thing that I'm adding is user accounts so you can set up an account

and I'm not going to tell you why you might want to do that. I have a

little bit of a surprise.

But the reason that I mentioned this is because I'm using Firebase

authentication and I started out with the username and password regular old

username password sort of thing that you're used to. And it worked pretty

well. I had a password reset. I had forgot my password. I had changed

password and updated email all that stuff was all implemented butIn as I

was working on all of this I started to I think personally I actually

really like the magic link for stuff because for various reasons it's it's

incredibly more secure.

So like if I were to have a data breach which of course, it wouldn't be me

it would be Firebase I would have the data breach. So, I'm not really

worried about that. But if that were to happen or rather for services that

I use I prefer and that they use magical links because if they were to have

a data breach all that's lost is my email address, which is,Everywhere

There's nothing secret or private about my email address.

They wouldn't be able to get my password. And I do use a password manager,

but I wouldn't need most lots of my family doesn't use password managers.

They have either some sort of algorithm. They've come up with for

generating passwords, which I used to do actually or they have they just

reuse passwords or whatever.

And so data breaches don't reveal any passwords of any kind. And so that's

it's way more secure in that way. Because there's just no data to lose.

But,The other nice thing about this is or or the like the biggest concern

that people have with this as well. I do use a password manager and if you

don't have a password then I can't put you in my password manager.

And no, that is false. You can definitely create a an email only entry in

your password manager. And the reason that you'd want to do this is if you

have multiple email addresses, or you use email aliases or something.

Sometimes you can forget which email you use for a given service.

So you just add an entry to that email or password.With the email that you

use and just don't have a password. And then it makes the implementation

way easier as well. So there's no need to worry about password reset or or

securing the password or changing the password or any of that.

So like forgot my password all that stuff just goes away. So you can get

rid of a ton of complexity just by eliminating the password. So I am all in

on magic links. I think that they're great and if you don't log people out

automatically after a couple days then or you keep them logged in for a

month or so.

Then,There's no problem with the user experience either. Have a good day.

← See all 235 episodes of 3 Minutes with Kent