Magic link email login - pro and con

I was favourable to magic link email for login. Until this morning when I needed to login to a service and unable to. While waiting, I thought about this more and here goes.

Pro:

• For development side, we do not need to handle storing user id and password, so this reduces security footprint. 👍🏼
• For development side, relatively easier to develop than our own user id and password.
• For users, one less password to forget or manage with the password manager. 👍🏼

Con:

• It is rare, but email service can go down. Like what happened to me and I was unable to retrieve the email for login link and I cannot do what I wanted to do.
• It breaks the UX flow during user login, because the user must switch to the email app before continuing with the intent of using the service. Sometimes there is a (hopefully short) lag for the email to show up too.
• While in email, users can get distracted with other email. Delaying the user from using the service.
• I use multiple browsers. Clicking the URL in the email may default to a different browser than the one I use for logging in, although this is easy to solve by copy-pasting the URL manually. Still, this slows down the UX flow.

Alternatively, we can use third-party login like Google, Apple, Discord, etc, which comes with a different set of trade off. Subject for a different post.