Instant login from email. Why have so few done this?

On some sites you can separate the “important stuff” from the “really, really important stuff”. Let’s say that the “important stuff” on your site allows users to view policies, active members and incoming group messages. The “really, really important stuff” allows you to change policies, reset passwords and add new users. So what you can do is as follows:

  1. Allow your http link to give access to the “important stuff”. After all, it’s not the end of the world if people know about policies, users or messages in your system.
  2. Request an actual username/password authentication if a request is made for the “really, really important stuff”.

In essence you are building different trust levels within your system. The emails you send outbound to entice users are almost always for innocuous activities (“hey, check out the new widget we have added”), and if people wish to stay on the site then they won’t mind the extra time for authentication.

Leave a Comment