Jared

Auth is one of those things that is so interesting. We even use it as a base case for build versus buy decisions because at its simplest... it's completely a build thing. Like it's a solved problem at its simplest case. Right. Totally.

Auth is one of those things that is so interesting. We even use it as a base case for build versus buy decisions because at its simplest... it's completely a build thing. Like it's a solved problem at its simplest case. Right. Totally.

But then the thing is, is like, there's this sprawling concern that happens over time with it, where it's just the simple case doesn't, isn't sufficient over the course of time. And so all these other things come in SSO, MFA, more alphabet soup. Um, And now you find yourself kind of reinventing lots of little different wheels in order to stay in the build camp on that particular thing.

But then the thing is, is like, there's this sprawling concern that happens over time with it, where it's just the simple case doesn't, isn't sufficient over the course of time. And so all these other things come in SSO, MFA, more alphabet soup. Um, And now you find yourself kind of reinventing lots of little different wheels in order to stay in the build camp on that particular thing.

And this is back in the developer zeitgeist right now because there's been some conversations around magic links, one-time pass codes or passwords, pass keys. Yep. Our password's dead. We got excited about pass keys, Adam, you and I, last year speaking with 1Password folks. Is that right? It was. Yes. And didn't actually roll them out for our site, but have been longtime Magic Links users.

And this is back in the developer zeitgeist right now because there's been some conversations around magic links, one-time pass codes or passwords, pass keys. Yep. Our password's dead. We got excited about pass keys, Adam, you and I, last year speaking with 1Password folks. Is that right? It was. Yes. And didn't actually roll them out for our site, but have been longtime Magic Links users.

So I know all the drawbacks of Magic Links.

So I know all the drawbacks of Magic Links.

I've hit them all. And I was pretty excited when I implemented them back in 2016 for our website. And we have not that many people signing in and technical users. And so it seemed to make sense. But still, I've hit all kinds of things that are just...

I've hit them all. And I was pretty excited when I implemented them back in 2016 for our website. And we have not that many people signing in and technical users. And so it seemed to make sense. But still, I've hit all kinds of things that are just...

little sand in the gears huh a little bit a little friction just like oh yeah you know and so ultimately we're all trying to either augment or replace password base off you know because of the security concern it's just like so prevalent but and that i actually want to ask you like back in 2016 was that the main reason the main impetus for doing magic links was security concerns

little sand in the gears huh a little bit a little friction just like oh yeah you know and so ultimately we're all trying to either augment or replace password base off you know because of the security concern it's just like so prevalent but and that i actually want to ask you like back in 2016 was that the main reason the main impetus for doing magic links was security concerns

basically was like, I can't lose what I don't have. Sure. And I don't have any reason to store your password if I can get away with it. I had realized I had this little epiphany. I think other people were starting to realize this as well, that the forgot password flow is what most people end up doing when they don't visit a website very often.

basically was like, I can't lose what I don't have. Sure. And I don't have any reason to store your password if I can get away with it. I had realized I had this little epiphany. I think other people were starting to realize this as well, that the forgot password flow is what most people end up doing when they don't visit a website very often.

And our kind of website is the one where you're not going to visit all the time. Like you're going to come in, you know, subscribe, unsubscribe, comment. Once every couple of years, maybe. Yeah, exactly. Yeah. And so every time you come back, unless you live in password manager land, which admittedly a lot of our people do, you're doing the forgot password flow anyways.

And our kind of website is the one where you're not going to visit all the time. Like you're going to come in, you know, subscribe, unsubscribe, comment. Once every couple of years, maybe. Yeah, exactly. Yeah. And so every time you come back, unless you live in password manager land, which admittedly a lot of our people do, you're doing the forgot password flow anyways.

And so what if we just only did the forgot password flow? It's just as secure, only better because now I don't have to have passwords in my database anywhere ever. And there's just nothing I can lose. And that was basically the reason. And yeah. I still like it for that reason, but yeah, there are all kinds of little, like you said, sands in the gears that you run into with magic links.

And so what if we just only did the forgot password flow? It's just as secure, only better because now I don't have to have passwords in my database anywhere ever. And there's just nothing I can lose. And that was basically the reason. And yeah. I still like it for that reason, but yeah, there are all kinds of little, like you said, sands in the gears that you run into with magic links.

The most of which for us has been delayed email. It's just like, even if you get the email right away, it's a little bit slower than a password manager.

The most of which for us has been delayed email. It's just like, even if you get the email right away, it's a little bit slower than a password manager.