Have you reset your passwords lately? In recent years, more than 1 billion passwords have been leaked from big websites such as LinkedIn, Adobe, Tumblr and MySpace in various security breaches.
The Deckee team has been thinking a lot about security and how we can ensure our community’s personal information is kept safe now and in the future.
We wanted to make signing in to Deckee as simple and secure as possible. The thing is, passwords are not simple or secure. Passwords are either hard to remember or easy to guess, and it is too easy to re-use them on multiple websites (please don’t do that).
In fact, reusing a password is the worst thing you can do, because if one of those websites gets hacked, the hackers can use that same password to break into your accounts on other websites. You see? They don’t really keep you that safe.
Recent surveys have shown that 88% of people have forgotten at least one password recently, and have been forced to reset it.
Here’s what happens when you forget a password:
1) You go to a website, click the “forgot password” link, and type in your email address
2) You open an email from their website and click a special link they sent you
3) This special link takes you back to their website and logs you in, then forces you to come up with a new password
If you think about this for a moment, you’ll realise that your password does not actually matter. The only thing that matters is that you have access to the email address that’s associated with your account.
Thanks to the ‘forgot password’ feature that every website uses, every website already has passwordless login — they just don’t call it that.
From now on, you don’t need a password to sign into Deckee!
When you want to sign in, we’ll send you an email that contains a special link. Clicking on that link will sign you in. That’s all there is to it.
Frequently Asked Questions
So why do websites even use passwords?
Ask any cybersecurity person – passwords are throwback to when we didn’t have anything better. Even now, many websites have tried to fix it through adding things like Two Factor Authentication, additional passwords and other complex ideas. For websites where you have really sensitive information, like your bank, it’s a great way to protect your information. For Deckee, we want to make it super easy for you to be part of our community (and we’re not your bank). We think a lot more websites will do what we have done. It makes it easy for you, and stops hackers attacking websites to get passwords they can use on other websites.
But isn’t using a password faster than clicking a ‘special link’ in my email inbox?
Try it – it’s not. In the time it takes you to reset a password, you will already be using Deckee. Plus, we also keep you logged in (whenever we can).
What if someone gets access to my email inbox?
If someone has access to your email, they will likely be able to gain access to all of your online accounts, including Deckee. Even if Deckee required passwords, we’d need a ‘forgot password’ system, and they could use that to gain access by sending a password reset to your email address.
What happens if I forward a sign in link to someone else?
Don’t do that. Anyone who has the email will be able to sign in to your account.
Is there any other way I can sign in to Deckee?
You can now also sign in to Deckee securely using your Facebook account. By using Facebook, you don’t even need to enter your email, let alone a password!
Is this new system really that secure?
We are fortunate to have worked with cybersecurity experts who have tested our system and support this move (and also use it to sign in to Deckee).
I have more questions!
You can always email us at firstname.lastname@example.org. We’ll reply pretty quickly if we’ve had enough coffee!