login – Bram.us

“Username or Password Incorrect” is Bullshit

There’s a security best practice where sign ins aren’t supposed to say “password is incorrect”. Instead they’re supposed to say the “username or password is incorrect”. This “best practice” is bullshit. […] You gain no security, yet your customers lose clarity. At first I raised my eyebrow when reading this, yet it became clear rather …

Continue reading ““Username or Password Incorrect” is Bullshit”

Read Post →

NoPassword Pattern

NoPassword factors out the password from the registration process. You “register” with an email address and receive a link that gives you a session on that browser until you log out. If you ever need to log in from somewhere else, you can request another email with a link that will log you in wherever …

Continue reading “NoPassword Pattern”

Read Post →