Why I love Magic ✨ Login Links - a podcast by Kent C. Dodds

Hey friends So I am working on a rewrite of my website can see downs.com
and one thing that I'm adding is user accounts so you can set up an account
and I'm not going to tell you why you might want to do that. I have a
little bit of a surprise.But the reason that I mentioned this is because I'm using Firebase
authentication and I started out with the username and password regular oldusername password sort of thing that you're used to. And it worked pretty
well. I had a password reset. I had forgot my password. I had changedpassword and updated email all that stuff was all implemented butIn as I
was working on all of this I started to I think personally I actuallyreally like the magic link for stuff because for various reasons it's it's
incredibly more secure.So like if I were to have a data breach which of course, it wouldn't be me
it would be Firebase I would have the data breach. So, I'm not really
worried about that. But if that were to happen or rather for services thatI use I prefer and that they use magical links because if they were to have
a data breach all that's lost is my email address, which is,Everywhere
There's nothing secret or private about my email address.
They wouldn't be able to get my password. And I do use a password manager,
but I wouldn't need most lots of my family doesn't use password managers.
They have either some sort of algorithm. They've come up with for
generating passwords, which I used to do actually or they have they justreuse passwords or whatever.
And so data breaches don't reveal any passwords of any kind. And so that's
it's way more secure in that way. Because there's just no data to lose.
But,The other nice thing about this is or or the like the biggest concernthat people have with this as well. I do use a password manager and if you
don't have a password then I can't put you in my password manager.
And no, that is false. You can definitely create a an email only entry inyour password manager. And the reason that you'd want to do this is if you
have multiple email addresses, or you use email aliases or something.Sometimes you can forget which email you use for a given service.
So you just add an entry to that email or password.With the email that youuse and just don't have a password. And then it makes the implementation
way easier as well. So there's no need to worry about password reset or or
securing the password or changing the password or any of that.So like forgot my password all that stuff just goes away. So you can get
rid of a ton of complexity just by eliminating the password. So I am all inon magic links. I think that they're great and if you don't log people out
automatically after a couple days then or you keep them logged in for amonth or so.
Then,There's no problem with the user experience either. Have a good day.

Further episodes of 3 Minutes with Kent

Further podcasts by Kent C. Dodds

Website of Kent C. Dodds