Despite all of the evidence presented that passwords need to be long, I’m still often annoyed by the 10 character limit (especially on mobile, where typing 10 characters into a password box is a bit of a chore).
SSO seems like a good option; I wonder if the ‘Sign in via email’ pattern that slack uses might be useful as well?
- Click ‘send me an email to sign in’
- I get an email with an expiring (5 minutes?) link in it
- If I click on that link, it logs me in and takes me to the front page.