An organization I'm a member of uses this for sign-in to the membership management platform. There, I think it works well, and I haven't been annoyed by it. I use it rarely, and definitely rarely enough that if I tried to memorize the password I'd have to go through the password reset workflow every time.<p>Scaleway (basically a cheaper, European version of Digital Ocean) offers this option, and it annoys me because it used to mean an extra button click before the password field shows up. (Nowadays, they instantly detect that your password manager filled out the password after you click the button and then instantly log you in.)<p>I think it's a viable alternative for something that people use rarely, but for frequent actions, "site specific bearer token managed by your browser" is the most convenient for most people, and the easiest way to implement that right now is with a password (which may be generated by the browser, saved by the browser, and filled by the browser).<p>Is there anything API that explicitly has the browser authenticate with a cryptographic key that reliably works across the major browsers and syncs from one device to another? WebAuthn seems to be going in that direction - but is a mode that doesn't require a U2F key supported in practice?
I started to avoid using such sites and services with the “unmagical” email link. Was especially frustrating when I don’t have the multiple emails on my multiple devices. The iPad I use does not have my work email set up for example. I use a password manager and this annoyance is not necessary at all.<p>Maybe sites can offer both choices if they insist on email authentication.<p>There is also a huge swath of humanity who do not interact with emails anymore, especially in developing countries.<p>Many sites in India offer both username/password and the option of logging with your mobile number and a text entry code sent.