The Frustrating World of 'Magic Links' and Passwordless Sign-Ins
In the ever-evolving landscape of digital security, a new trend has emerged that is leaving many users, like me, scratching their heads in frustration. It's the rise of 'magic links' and passwordless sign-ins, and it's time we had a chat about why this seemingly simple solution is causing more headaches than it's worth.
Let's dive into the world of iOS 26.2 and Apple's Passwords app, where a recent update has sparked some interesting discussions among tech enthusiasts.
The Misunderstanding and the Hope
Juli Clover's rundown of iOS 26.2 features mentioned a new setting in the Passwords app that seemed like a ray of hope for those of us who despise the 'magic link' sign-in pattern. The feature, as described, allows users to manage websites where passwords are not saved during sign-in. I, for one, was thrilled at the prospect of finally having a way to address the growing number of sites that rely solely on these expiring links.
But here's where it gets controversial... this new setting is not what we hoped it would be. It's merely a way to manage sites where passwords have been excluded, not a solution to the 'magic link' dilemma.
The Slow and Frustrating Reality
You see, the 'magic link' design pattern is inherently slower and more cumbersome than traditional password-based sign-ins. When you consider the time it takes for an email to arrive (sometimes minutes!) and the additional steps required, it's a significant inconvenience. And that's not even mentioning the fact that when you create a new account using a 'magic link', nothing is saved in your password manager, leaving you with no easy way to recall which email address you used.
A Workaround, but Not a Solution
I've tried a few workarounds, like manually creating entries in Apple Passwords with a made-up password and a note to myself. It's a clunky solution, but it helps when I can't remember which email address I used for a particular site. However, it's far from ideal, and it doesn't solve the autofill issue.
The Ideal Solution and a Call to Action
The perfect solution would be for Passwords to ask if you want to save just your email address for sites with 'magic link' sign-ins, and for Safari to autocomplete that address as it does with username/password combinations. I understand the challenge Apple Passwords faces in making this clear to users, but it's a problem that deserves a thoughtful solution.
The Reason Behind 'Magic Links'
But why do sites adopt this pattern? Well, it's often to prevent password sharing, especially for paywalled content like email newsletters or streaming services. If there's no password to share, it's harder for multiple people to access the same account. However, this convenience cost for account sharing also punishes honest users who just want a seamless sign-in experience.
A Balanced Approach
Proponents of 'magic links' argue it's beneficial for less tech-savvy users who don't use password managers. While this is a valid point, it doesn't justify making 'magic links' the exclusive sign-in method. Modern OSes and browsers have built-in password managers, and we shouldn't be penalized for using them.
A Thoughtful Discussion
So, Apple Passwords team, I urge you to consider this issue. And to my fellow users, what are your thoughts? Are 'magic links' a necessary evil, or is there a better way forward? Let's discuss and hopefully find a solution that benefits all users, not just a select few.
