I stumbled on the “Tozny API” recently which instead of passwords presents a functionality similar to “email me an access code” from Slack. The purpose of which is to help either verify email addresses or promote password-free authentication for your users.
It’s an interesting concept although i’m not sure if it’s going to be accepted quickly by developers. It off course has it’s downsides as Eric Mann explains:
Your service’s or website’s security is only as strong as your users’ ability to keep their own data secure. Moving away from passwords means you’ve lessened the security burden on your customers, but it also means your site is only as secure as your customers’ email.
