XOXCO – Is it time for password-less login?
XOXCO – Is it time for password-less login?: “I think an even better solution would be to remove the password completely, allowing users to login with only an email address. Each time a user needs to login, they enter their email address and receive a login link via email.”
I don’t know how well this would be accepted, but I LIKE the way this guy thinks. I’m SO sick of passwords and managing different passwords and then reading about how some hacker has dumped them all to a random website anyway. Absolutely worth a read and a re-examination of your approach.
Or how about “we’re sending a text to your (established) mobile device – respond within 2 minutes to authorize your current session.”