
Comment Re:Security (Score 2) 251

You haven't been developing web apps very long, have you?

Steps 5 and 6 are horrible from a UX perspective and actually lower security a tiny bit.

By emailing out a single use password you make it possible for someone to eavesdrop on the email train and log in to your site using the single use password that you sent over email ... in clear text, over a system that may end up easily being stored on disk and snoop-able on many computers.

There is absolutely no reason to email them the password, you've already verified the email address is viewed by the user, doing it again just exposes that information to other people who may not know the user's 2 security questions, but do already have access to the user's email.

You've effectively made your security questions useless if someone hacks the email account in the first place, which is often the case before using that to spider out and discover other services the user has. (You check the user's sent/inbox/archive for emails from certain email addresses that are used by various services and can quickly tell the user does use specific services.)

Emailing a password is ALWAYS BAD PRACTICE.

ALWAYS.

Did you hear me? ALWAYS.

When you think you've figured out a way to make it 'safe', jab an unsharpened pencil in your eye as punishment and remember: IT'S ALWAYS A BAD IDEA TO EMAIL PASSWORDS.

I'll go ahead and not bother pointing out how bad of an idea 'pre-defined' security questions are at this point, seems like you probably need to do some brushing up on security practices from someone who knows a bit about what they are doing. FFS, there are frameworks for every major web dev environment for user auth recovery. You shouldn't even be rolling your own.

Comment Re:Bad Summary, Only new part is the sharing optio (Score 1) 487

Apple backs up my passwords with an encryption key which is also protected by a separate password.

Apple CAN NOT read my passwords, so they can not share them.

Not sure about Google, but I hope it does the same.

Microsoft is uploading passwords clear text or in some other equally dangerous form that's decryptable so they can be shared.

Comment She's thinking about it, or you are? (Score 1) 250

If she's thinking about it, why are you the one asking about it?

Sounds more like she's thinking about not trying very hard to get back into it ... You ever consider that she doesn't actually want to? Maybe you want her to? Maybe she's only trying to put forth enough effort to appease you but not actually enough to get a job?

Something is wrong if you're asking for her.

Comment Re: how about a read more button? (Score -1, Offtopic) 123

Slashdot is now run by Dice, a recruiting company that wants to demonstrate to the world that it is incapable of hiring someone who isn't an incompetent idiot to do web design ... Or management, or marketing, or customer satisfaction or more or less any other job.

Dice maintains a web presence only to demonstrate that they have no fucking clue what they are doing and that they'll be happy to whore themselves and properties out for a quick buck even if it means cutting themselves out of $100 tomorrow.

This dice ... They sell ads based on number of page views and are too racking stupid to realize making it obvious on how to get to the next page means more page views and by proxy more click through potential.

It's worth saying again, Dice and Slashdot are managed by complete idiots.

Comment Taxi not Ride Sharing (Score 1) 177

UberPOP differs because it allows non-professional drivers to register their car and transport other passengers.

At what point do you not realize this is a taxi service and stop calling it ride sharing?

This is not ride sharing. If you think it is, you're an idiot. This is a taxi service and they need to play by the same rules as everyone else.

What's next, murder is illegal because the murderer claims that he's really just a liberator of trapped souls? Sound ridiculous? Yea, so is calling anything about Uber 'sharing'.

Comment Re:Mob Programming, huh? (Score 2) 126

For instance, if I said "We should use a proxy object here to create a streamlined interface and minimize coupling between these various systems"... how much information did that convey? If you're a programmer, that probably said quite a bit in a very few words, because you understand a deeper meaning behind all those words.

Been programming for a long time. That sentence is useless. It's meaningless speech you direct at your manager who doesn't know what you're doing.

That may have meaning to people very involved with the project, but only if you're all on the exact same page, which is pretty much the case never.

Keep in mind that even though Slashdot just rediscovered the practice, this 'style' has been done before and it universally sucks.

This is nothing but a rediscovered fad for people who can't actually code but think they know all about it.

Comment Re:Memory Safe Languages As Countermeasure (Score 4, Insightful) 165

...

Your solution to the problem is to try to kill the problem of bad developers by hiding it with the language.

Could you name one example of where that has actually worked, EVER?

When you write your 3 lines of Swift (let's limit it to languages real people outside of one company actually use), there are possibly a million lines of C code doing the actual work.

You do real work in C. You ride on someone else's C code in pretty much every other modern language. Switching them from C to any other language won't solve the problem, the problem is using people who don't think things through. That's not a language problem, it's a person problem.

Comment Re:"DHCP" is _not_ an acronym (Score 1) 287

And for examples:

U.R.L. is an initialism.
Saying EARL would make it an acronym (and it makes you sound like a douche when you say it :)

C.O.B for close of business
COB (like corn cob) is an acronym.

And also, for reference, turning initialisms with no vowels in them into acronyms makes you a douche as well.

It's W.S.D.L. NOT wiz-dull. It's V.o.I.P. not voip. It's S.Q.L. Not Sequel. Yes, many people turn these perfectly valid initialisms into acronyms and in the process make the rest of the world dumber and themselves sound retarded. Exception: MSSQL Server is Sequel Server, all others are pronounced letter by letter, not as a word.
