We understand the trade-offs and risks associated with this shift. The purpose is to save user’s whose password was leaked from another site and could be reused to access their account on our site.

We are making attempts to minimize the cons (e.g. sessions lasting 2 weeks since last access when access frequency should be at least once per 7 days, using AWS’s SES, using DKIM).

For more information, see the follow-up: https://medium.com/findworkco/password-less-login-continued-9f61bfda0175#.9gnsge2u4