Comment by fusslo
3 hours ago
I am a vocal opponent to magic links via email (I am an unhinged person, in case it wasn't obvious before :) ).
I NEVER log into my mail from my laptop/desktop. I access my email via my phone's mail app.
So
1. try logging on via my laptop's browser
2. service sends a magic link to my email
3. click the link on my phone
4. now I'm logged in on my phone! not what I wanted!
Manually forward the magic mail to an address which you can use on your laptop/desktop for that purpose only.
Even though i understand your consideration of separating regular access and reset onto different devices, im am still more sceptical about smartphone security than anything else. What happens when someone gets access to your phone? They could redirect and use the magic mails too.