This would drive me up the wall. I don't want to have to sit in my mail client, waiting for it to pull down the message that may-or-may-not have arrived at my mail host yet, when it's incredibly easy to use a password manager for everything without having to leave my browser. He bemoans the number of controls you need to interact with to log in, but to get to log in with his method, I need to put in my email address (or take the time to find it in the list), interact with whatever control submits the form, switch to my email client (at least 1 control, probably more), refresh it to get the most recent messages (perhaps more than once), open the message, click the link, go back and close the window I used to start the login process in the first place, then switch back to the window with the app in it. Seems far more complex.
I don't buy his premise, either; he claims you need to interact with "6 different controls" to log in to Facebook, but (a) you only interact with 4 of them and (b) that's only the first time you log in from that computer. He's trying to solve a problem I have never experienced. I'm curious to see if others have felt overwhelmed by the number of controls on login forms; this is a problem I've never had.
The idea here is you only need to log in on a device once (or as often as you delete all your cookies). After that the site would remember you, so there really wouldn't be that much waiting on emails to arrive.
Definitely not something I would want for my bank account, but who cares for logging on to a support forum or some other trivial account.
So why not just make the session last forever the same way, but using a password instead of requiring me to login to my email and click a link? I logged into Facebook the first time and as long as I didn't delete cookies, I could go to Facebook on that device today, tomorrow, next week, next month, next year... And never have to put my password in again.
Not really saying Facebook, but using Facebook as an example. They keep the session alive until you either delete the cookie, or the session from your control panel. Why deal with this email method when you can just keep the session alive forever unless they logout or delete cookies, after they have typed their password in?
First thing I thought too. The email validation step, in my opinion, is the most annoying part of signing up for any site. I often log in places on devices where I don't have access to my email, so this requirement would completely keep me off your site.
I don't buy his premise, either; he claims you need to interact with "6 different controls" to log in to Facebook, but (a) you only interact with 4 of them and (b) that's only the first time you log in from that computer. He's trying to solve a problem I have never experienced. I'm curious to see if others have felt overwhelmed by the number of controls on login forms; this is a problem I've never had.