HN is going to skew towards people with password managers & concerns about vendors locking you out. I think most people just want low friction - be that 'Sign in with', or passwordless-based authentication like 404media (you want to sign in? You've been emailed a code)
> passwordless-based authentication like 404media (you want to sign in? You've been emailed a code)
How is this low friction to manually copy/paste a code from email as opposed to allow a password manager to log me in automatically?! This kind of authentication is the stupid current trend I hate the most TBH.
> > HN is going to skew towards people with password managers
Towards people with password managers, or towards people who want to have the freedom to choose how they log in? I also hate those damn login emails.
But everyone has a password manager now. They come builtin to all major browsers, Apple ecosystem, etc. My non-technical girlfriend uses one.
Yeah, and I support anything that makes security by default easier. I'd love to see adoption numbers for in-browser password managers, though, because I feel it's not very high yet.
> I'd love to see adoption numbers for in-browser password managers, though, because I feel it's not very high yet.
Why specifically in-browser?
Because without that the argument of "everyone has a password manager" fails. Tons of people don't have 1Password or Bitwarden or Lastpass or KeypassXC or whatever.
So sure, they might technically have a password manager installed, in that every major browser has a password manager included. But do they actually use it? That's what really matters.
Yeah, this is why. "in-browser" was unclear when I also meant the iOS ecosystem password manager and stuff.
I'm not sure non-technical people have a good understanding of or experience with password less email login either. While doing tech support I've seen people get very confused at the need to open another app to login in or the fact that they're now logged in in the webview of their email app and not logged in in the app or browser they had been using (especially if the first thing that web view does is pop up a giant "try the app" modal)
I can't stand the 'use the app' nag modals!
Thanks for your insight. Outside of being a consumer, and as a security engineer one who appreciates things like passwordless, my experience comes from my employers passwordless rollout. The sentiment is broadly positive, but we would veer to a technical user base, and sentiment misses the nuance you brought up.