请问HN:魔法链接认证是否使用了HTML画布?
许多网站开始越来越频繁地使用魔法链接认证,我在想这是否也是为了从账户持有者那里获取更多信息的趋势。
我不喜欢这种认证过程,因为它迫使我每次都必须使用电子邮件系统进行身份验证,这增加了登录所需的时间。以Claude.ai为例,至少在认证过程中提供了一个选项,可以在收到电子邮件后使用代码登录。问题是,电子邮件中并不包含代码。你必须点击一个链接,打开一个网页才能获取代码,而在这个过程中,它似乎还想进行HTML画布操作。我觉得在尝试登录我付费使用的服务时这样做是对隐私的侵犯。我在想我是否想错了,或者是否有人注意到这一点,或者对这个过程有不同的看法。如果这种情况确实存在,我们能做些什么?此外,我也想知道为什么越来越多的公司选择这种认证方式的真正原因是什么。
查看原文
Many sites are starting to use magic link auth more often and I am wondering if its a trend to also glean more information from the account holder.<p>I dont like this auth process because it forces me to have to use the email system to authenticate every time which adds to the amount of time it takes to log-in. With Claude.ai, the auth process at least gives you an option to use a code to sign in with after you get the email. The problem is, the email doesn't contain the code. You have to click on a link which opens a web page to gain the code and it appears at that point it wants to do an HTML canvassing operation. I feel like that is a violation of privacy to do this at the point of trying to log into a service I pay for. I'm wondering if I am off base or if anyone notices this, or finds a difference in the process. and if its happening, what can be done about it. Also I wonder what the real reason is why more and more companies are moving toward this authentication method.