Why not just abandon passwords entirely?

Streamlined blogging platform Medium rolled out a new login process Monday that throws the trusty old password out the window. Instead, you simply enter an email address or phone number, and a temporary login link lands in your inbox or phone—just like password reset or account verification links used by sites when you first sign up. “Passwords are neither secure nor simple,” writes Medium’s Jamie Talbot, summing up a sentiment that has been picking up steam lately. “They’re hard to remember or easy to guess, everyone reuses them (even though they know they shouldn’t), and they’re a pain to type on mobile. They don’t even keep you that safe.” For being gatekeepers (or bouncers) for our online accounts, they’re inordinately vulnerable. They can be “brute-forced” through trial and error, teased out of you with a cleverly worded email or IM message, applied to access numerous accounts—thanks to our insistence on using the sames ones over and over—and easily leaked out onto the Web. Put another way, they don’t really do a good job of proving that you are who you say you are, and keeping everyone else out.