Here’s a thought…it’s a pain in the neck remembering all your passwords isn’t it? And, who’s to say how secure all those cloud-based password managers are. So, instead of wasting brain space and Post-its trying to remember passwords couldn’t you just use a site’s password reminder, forgotten password email each time you want to login and then create a long, complicated password you instantly forget once you’ve logged in?
As long as your email account is secured with a strong password and you’re using multi-factor authentication for it and have associated it with your phone and a second account as a backup, this could be the way to manage all your logins without having to remember anything other than your username and email login…
Is there a flaw in this idea, other than the extra time it would take to reset the password each time?
UPDATE: Medium.com does this. Rather than having a password, you enter your email address (once you’re registered) and they send you a link to that address, the link is a one-time login. It works, you just have to ensure you retain control of your email account, but it avoids having to remember endless passwords and also avoids hooking up all these accounts with your Facebook login.
UPDATE: My idea already exists in the form of NoPassword and Ben Brown discussed password-less logins a while back, although it is something I’ve been talking about for years too.