Medium, the popular blogging platform, has just launched a new feature that lets you sign up for or log in to its service via email. But not only that: It lets you do so without the need for a password.
“Passwordless” email sign-in?
Now, on Medium’s website and mobile apps including its official iOS app, you can now sign up or log in with an email but without a password.
How does it work?
On Medium’s landing page for new and returning users, there’s now an option to sign in with email in addition to the options for signing in with Twitter and Facebook. Click this option, enter your email address, and tap the Sign in/Sign up button to proceed.
Then check your email for a message from Medium. Click the link in that message to create or log in to your Medium account. And that’s it.
Note that you can use Medium’s email-only sign-in system whether you’re just creating a new account or logging in to an account you’ve created using Twitter or Facebook.
Is it secure?
Amid a spate of hacking attack on banks, retailers, government agencies, and Web services, account security has been a matter of the utmost importance among many users — as it should be. So it’s quite natural to consider whether Medium’s “passwordless” solution is as secure as, if not more secure than, the typical password-based system it supersedes.
“It sounds counterintuitive, but this is actually more secure than a password-based system,” Medium maintains. “On most services, if someone guesses or cracks your password, they gain access to your account until you change your password, which might not be for a long time. You might never know that they have access.”
Under Medium’s new system, you’re effectively notified every time someone tries to sign in to your account with your email. Moreover, the provided sign-in link is set to expire in 15 minutes and is meant for one-time use only.
Needless to say, be sure not to forward the sign-in link to anyone.
Look, ma, no passwords!
Forget your password? Oh, right, there’s no password to remember and forget with Medium.
If there’s a downside to this new system, it’s that the process is not unified, as it requires you to go in and out of Medium to check for your sign-in link.
Here’s hoping Medium comes up with a smoother passwordless sign-in workflow along with some other alternative methods for securely signing in to its service, including ones that employ SMS or two-factor authentication.
You can start using Medium’s passwordless email sign-in system on the platform’s website and official apps including Medium for iOS, which is free to download from the App Store for iPhone, iPod touch, and iPad running iOS 7.0 or later.
The new version of Medium for iOS also introduces the ability to send drafts to the Medium website. Just swipe on a draft in the app’s Drafts section to access the option to move it to Medium.com, aside from the option to delete it.