Medium made a huge deal about it when they released it as a feature: https://blog.medium.com/signing-in-to-medium-by-email-aacc21134fcd
Makes total sense though; passwords are an old solution to a difficult problem. Of course it also means that your email better always be in your control otherwise that’s the single point of failure. Cheerio, Ashim Design & Build The Random Lines www.therandomlines.com On Fri, 22 Feb 2019 at 17:25, Deepa Mohan <[email protected]> wrote: > I must say that "use 'forgot password'!" is advice I get very often from my > bank. I think it is an absurd solution that works! > > On Fri, Feb 22, 2019 at 8:53 PM Ra Jesh <[email protected]> wrote: > > > Hahaha. Neat!!! > > > > On Fri, Feb 22, 2019, 20:51 Ashim D'Silva <[email protected]> > > wrote: > > > > > For sites I don’t use too often, I was always tempted to reuse > passwords > > > which is a pretty bad practice, so I started just using the forgot > > password > > > feature more often. So I have a ridiculous entirely random password > that > > I > > > don’t know, and then just say forgot password when I want to log in. > > > > > > It’s could also be a good way to go about changing all your > passwords—and > > > side effect is it confirms your backup email. > > > > > > Cheerio, > > > > > > Ashim > > > Design & Build > > > > > > The Random Lines > > > www.therandomlines.com > > > > > > > > > On Fri, 22 Feb 2019 at 16:55, Thaths <[email protected]> wrote: > > > > > > > On Fri, Feb 22, 2019 at 2:42 AM Udhay Shankar N <[email protected]> > > wrote: > > > > > > > > > On Fri, Feb 22, 2019 at 2:04 PM Udhay Shankar N <[email protected]> > > > wrote: > > > > > > > > > > > > > > > > 1. Log out all gmail/facebook/other social sessions (Most > providers > > > > give > > > > > > you the option to "log out all current sessions") > > > > > > 2. Change all the passwords of pwned email addresses > > > > > > 3. Enable 2FA EVERYWHERE that supports it. Ideally, with a > hardware > > > > token > > > > > > such as a yubikey. > > > > > > > > > > > > > > > > Additionally, I'd also suggest you log in to your various > > (potentially) > > > > > compromised accounts, check under security setting to see if the > > backup > > > > > email address (where password reset notifications are sent) and > > backup > > > > > phone number have been tampered with. > > > > > > > > > > > > > > > > > In addition to all of those steps, I also recommend using unique > > > passwords > > > > in all the sites. It is not going to be possible for you to remember > > that > > > > many unique passwords (especially if you choose strong passwords). I > > > > recommend you choose strong passwords that you memorize for one or > two > > of > > > > your key accounts (Google, Facebook). And use a password management > (I > > > > personally use keepass) to generate and store strong unique passwords > > for > > > > your other sites. > > > > > > > > Thaths > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > ((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com)) > > > > > > > > > > > > > > > > > -- > > > > Homer: Hey, what does this job pay? > > > > Carl: Nuthin'. > > > > Homer: D'oh! > > > > Carl: Unless you're crooked. > > > > Homer: Woo-hoo! > > > > > > > > > >
