Passwordless logins, as commonly implemented today (a login link or one-time code sent by e-mail or SMS), are less secure than password logins.
Flaws in the passwordless login system:
1. The login secret travels over unsecured channels. For all the shouting about privacy and security, this design abandons the TLS-protected login form for SMS and e-mail: SMS is carried in the clear over the carrier network, and e-mail is at best encrypted hop by hop and sits in plaintext at every relay and in the mailbox. Both channels are unauthenticated, somewhat unreliable and easy to intercept, so the token is exposed in plaintext along the way.
2. A secret the user knows is replaced by a token that exists only on the network. Anyone who controls the network path, the mailbox or SMS inbox, or the user's device can redeem that token before the user does.
3. The scheme only borrows a pre-existing authentication, which is itself a password (the e-mail account) or nothing at all (a phone number), so you end up at exactly the level of security you had before. Instead of two accounts sharing the same password, you have one password (the e-mail password) standing in for all of them, or zero authentication in the SMS case.
4. Nothing in the scheme requires a second factor, nor an out-of-band factor: the link or code is the sole credential.
5. The session tokens (cookies) left on the user's system are unprotected at rest unless the browser encrypts its cookie store under a master password. That is arguably moot given the lack of encryption on the SMTP/SMS side and the absence of out-of-band auth, since the token is already exposed in transit before it is ever stored.
Reasons why password logins are more secure:
1. Secrets are transmitted over a TLS connection between browser and server, which prevents man-in-the-middle interception of the login.
2. The password is an out-of-band secret: it lives in the user's head, not on the network, so the only place to capture it is at the moment it is typed, which requires the client or the server to be compromised at the time of login.
3. The server keeps only a salted hash of the password, never the password itself, so the credential is not lying around at rest; on the client side, the only thing that can be stolen at rest is the cached session token (cookie), which yields a pre-authenticated session and nothing more.
4. A password can be unique to each service, so a compromise of one system does not compromise the others.
5. Password logins are routinely combined with multi-factor authentication, which is already the expected practice, so a second factor sits on top of the password rather than replacing it.
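The two sides of the argument above come down to where the secret lives and what the server keeps at rest. As an added example, not code from the original post, the Python below implements a minimal e-mailed login link ("magic link") issuer and, for comparison, a salted-hash password check. It goes beyond the post in one respect: it shows the server-side mitigations (hash the token at rest, expire it, accept it once) that limit but do not remove the core problem, which is that whoever reads the message first wins. The class and function names, the 600-second lifetime and the e-mail addresses are assumptions made for the example.

```python
# Added example (not the post's own code): a magic-link issuer/verifier and a
# password check, to show what each scheme exposes in transit and at rest.
# Names, the TTL and the addresses below are assumptions for illustration.
from __future__ import annotations

import hashlib
import secrets
import time

TOKEN_TTL_SECONDS = 600  # assumed lifetime of an emailed login link
PBKDF2_ROUNDS = 100_000  # assumed work factor for the password hash


def _digest(token: str) -> str:
    # Only this digest is persisted, so a copy of the table yields no usable token.
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


class MagicLinkStore:
    """Server-side state for emailed login links (in-memory, for illustration)."""

    def __init__(self) -> None:
        self._pending: dict[str, tuple[str, float]] = {}  # digest -> (email, expires_at)

    def issue(self, email: str, now: float | None = None) -> str:
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)  # 256 bits of entropy
        self._pending[_digest(token)] = (email, now + TOKEN_TTL_SECONDS)
        return token  # this goes into the e-mail or SMS: a plaintext bearer secret

    def redeem(self, token: str, now: float | None = None) -> str | None:
        now = time.time() if now is None else now
        entry = self._pending.pop(_digest(token), None)  # pop: strictly single use
        if entry is None:
            return None  # unknown, already used, or forged
        email, expires_at = entry
        if now > expires_at:
            return None  # expired; already removed, so no later retry either
        return email

    def persisted_values(self) -> list[str]:
        return list(self._pending)


def intercepted_link_scenario() -> tuple[str | None, str | None]:
    """Constructed scenario for points 1 and 2 of the first list: the e-mail or
    SMS channel is readable by an attacker, who redeems the link first."""
    store = MagicLinkStore()
    token = store.issue("alice@example.com", now=1000.0)
    attacker = store.redeem(token, now=1001.0)  # attacker read the inbox first
    user = store.redeem(token, now=1002.0)      # the legitimate click arrives second
    return attacker, user


def expired_link_scenario() -> str | None:
    """A stale link, e.g. one found later in a mailbox, is refused."""
    store = MagicLinkStore()
    token = store.issue("bob@example.com", now=1000.0)
    return store.redeem(token, now=1000.0 + TOKEN_TTL_SECONDS + 1)


def stored_secret_is_not_the_token() -> bool:
    """The server never holds the token itself, only its digest."""
    store = MagicLinkStore()
    token = store.issue("carol@example.com", now=1000.0)
    values = store.persisted_values()
    return token not in values and _digest(token) in values


# Password side, for point 3 of the second list: the server keeps a salted slow
# hash, so a copy of the database does not hand over the password.
def hash_password(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    salt = secrets.token_bytes(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return salt, digest


def verify_password(password: str, salt: bytes, stored: bytes) -> bool:
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return secrets.compare_digest(candidate, stored)  # constant-time comparison


if __name__ == "__main__":
    print("intercepted link:", intercepted_link_scenario())  # attacker wins, user denied
    print("expired link:", expired_link_scenario())
    print("only digests stored:", stored_secret_is_not_the_token())
    s, h = hash_password("correct horse battery staple")
    print("password verifies:", verify_password("correct horse battery staple", s, h))
```

The point the scenario functions make is that the mitigations only shrink the window: single use and expiry stop later replay, and hashing protects the server's table, but nothing server-side can tell a token redeemed by the attacker apart from one redeemed by the user, because the only credential ever presented is the one that travelled in the clear.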