Hacker News

fusslo today at 12:10 PM

I'm sure this is worse than using LastPass in some way

but for the past couple years I've just generated and forgotten 90% of my passwords. The final 10% I keep in a password manager. But if the service isn't really that important I just use the 'forgot my password' to change and generate a new password every time I need to log in.


Replies

stanac today at 12:36 PM

This works if the account doesn't have 2FA. On my last side project app, users can log in only via email OTP. There are security downsides with that: someone can send a phishing link and use the OTP submitted to the fake site, but the app doesn't store anything sensitive (it's a game which tracks your progress), so I guess it's not a major security risk.

seb1204 today at 12:57 PM

I got caught out as I no longer had access to the old phone number that was now used to send the 2FA text.

vel0city today at 3:24 PM

This is why a lot of services have just moved to using email with magic links to log people in.

In the end, for a lot of services, controlling your email is de facto controlling the login.
