How can it even work?

Passwordless with microsoft can go horribly wrong since there isnt two factors then giving someonr the first factor and they have full access and can change security info

Email with a link is only one option for Passwordless. There is MFA within other Passwordless options that have no issues like the email delay issue.

The only factor of auth being used here is your email, so this isn't really using MFA. If the email service provider (eg: Gmail) is compromised, a bad actor can access your email and therefore get access your Medium account. One way to mitigate this is using another factor of auth such as an OTP texted to your phone via. This is more secure because while it's somewhat likely that either your email can be broken into or your phone can be stolen, the likelihood of BOTH occurring is negligibly small.

I use it on my lesser accounts. But not on my paypal or bank account. The accounts use my computer I.D. Of course anyone using my computer could log in but it is not likely at all.

I currently use a password and the Authenticator app. If my password gets hacked, they still need the authenticator access. On trusted devices I already only have to use the app, instead of a password. I’m still trying to figure out how passwordless is more convenient and safe

Amazing! A video of more than 8 minutes and nowhere do you mention the correct answer to the question in the title... 4:00 Medium not having a password means that if you lose access to your original email account, you also will no longer be able to log into Medium. A false sense of security should not have to come at the risk of losing your account completely because there is no sensible password backup available to get in. 5:00 Instead of password reuse, you have email reuse. All a hacker has to do, is fake up an email to get you to log in to a fake site and provide your personal information there. 7:30 And let's not forget that you are not the only person who has emails that get stuck and take ages to arrive, which means people can no longer log in at a moment's notice.

Thank you! Why do you not generally recommend signing in with third-party services, e.g. Google which itself may be strong enough with 2FA enabled whereas the initial website may lack 2FA option?

Thank you for this information, very helpful. For now, I’m sticking with two-factor authentication using a strong password first. I simply don’t have confidence in this password-less method, especially with my Microsoft account.

PASSWORDLESS is safe for me because it removes the need to hide my password somewhere OFF of the local computer and the fear of losing that document

Im getting lots & lots of sign in attempts spamming my microsoft account trying to log in. I've changed my email used to log in, which as helped a little until they adapt is their anyway to mitigate these attempts its like fighting the Borg ..Shields uo ✨️

Awesome Explication really I understood very well, and I will follow your comments, thanks

Honestly my email account has been getting hacked into let me just say Microsoft/outlook security sucks.

Superb

Interesting video you are right its not perfect

Excellent explanation and I concur with your opinion about 2 form factor being gold. I prefer it myself. However if I loose my phone or stolen it does put a damper or chink in the armor. Or even an Issue with email. I use both authenticator apps, SMS and email with most that would allow it.