Just curious... why are you making this system? Have your users complained in the past about needing a password to login? I've developed a lot of websites and haven't had one user complain about needing to enter a password, but who knows.
The reason I'm asking this is because, in my experience, users like what's already familiar to them. What you're proposing - just using an email link instead of the traditional login/password system - is a pretty radical change. While the more tech savvy people like you and I might understand the benefits of such a system, your average user - you know, the kind who calls their browser "the internet", enters URLs into Google instead of the browser bar, etc. - might be a little scared of your method. - Jamie On Mar 10, 8:15 pm, Yura Linnyk <[email protected]> wrote: > Hello fellow bakers, > > I've just baked a simple web-app,http://WhenDidYouLast.com, where I > implemented a proof of concept I had been thinking for a while - a > passwordless seamless registration, where you don't have to register > and don't have to remember you password, just enter your email, check > your inbox for authorizing link and voila, you are logged in. > > Now I'd like to ask an advise of the community. Do you see any > security pitfalls in the idea? Is it not convenient? or lame in any > way? :) Personally when I get registered at a next web-app I catch > myself thinking about why wouldn't they let me in this simple way and > not make me think of a password, save it somewhere etc. and just have > me visit my inbox. Unless it is my bank's account, of couse, or a > larger scale app. And most of web-apps allow me to reset my password > with my email anyway. A couple of websites I am registered at, send me > auto-login link when i get a new PM, but still require me to remember > password if I'm just visiting. > > So as far as we're talking about a web-app where I don't need any > personal information about you as a user, recognizing and authorizing > by email looks like something worth going with. Though I can imagine a > user concerned about not sharing his email who would choose to > register an account with login and password if it allows him to skip > entering email. > What do you think? > > The app is baked with Cake 1.3 rc1, Authsome (aptly named, so to > speak!) and Blueprint. Quite simple, I'll be adding some features > later :) Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
