Magic login links are underrated. They're a great way of logging in to little-used services, and faster than the password reset process.
miniblog.
Related Posts
Discord has a neat login technique I haven't seen before.
If you open the native client, it checks to see if you've already logged in from the browser! If you have, you don't need to re-enter your password.
Using spaced repetition apps with 1Password to help you memorise passwords without storing them in plaintext: https://boinkor.net/2018/11/memorizing-passwords-with-anki-1password/
Cute idea, although ideally a password manager minimises the memorisation necessary. It's a nice example of composing apps though.
If a user types hUNTER2 and your service corrects it to Hunter2, have you reduced security? How much will it help?
This fun paper explores this Q, finding you can preserve security and fix 10% of logins:
pASSWORD tYPOS and How to Correct Them Securely https://www.ieee-security.org/TC/SP2016/papers/0824a799.pdf