Signing in to Medium by email
Until now, you could only sign in to Medium using Twitter or Facebook. Both these services make signing in quick and easy, and also allow us to build out our users’ connections, so we can show them stories written and recommended by people in their network.
However, we received feedback from lots of people who wanted to create an account on Medium without using a social network. Some don’t have a Facebook or Twitter account. Others do, but would prefer not to use them just to try out a new service. Still others are simply unable to access social networks due to censorship laws in their countries.
Today, we’re pleased to offer sign in and account creation on Medium using only your email address.
Authentication is serious business. We wanted to make our sign in process as secure and simple to use as possible, across all platforms. Passwords are neither secure nor simple. They’re hard to remember or easy to guess, everyone re-uses them (even though they know they shouldn’t), and they’re a pain to type on mobile. They don’t even keep you that safe.
Signing in to Medium using your email address will not require a password.
That’s right, no passwords. When you want to sign in to Medium, we’ll send you an email that contains a special sign in link. Clicking on that link will sign you in. That’s all there is to it. If you’ve ever used a “forgot password” feature, it works a lot like that, except you don’t have to forget a password to use it.
It sounds counterintuitive, but this is actually more secure than a password-based system. On most services, if someone guesses or cracks your password, they gain access to your account until you change your password, which might not be for a long time. You might never know that they have access. With this email-only system:
- You’re automatically notified when someone tries to sign in.
- The sign in link expires after a short amount of time.
- The sign in link can only be used once.
What if someone gains access to my email address?
If someone has access to your email, they will be able to gain access to your Medium account (along with all your other services). Even if Medium required passwords, we’d need a forgot password system, and they could use that to gain access by sending a password reset to your email address.
How much time do I have to click on the sign in link?
Sign in links will expire after fifteen minutes.
What if I don’t receive an email?
Check your spam folder. If it’s not there, and you still haven’t received it after a few minutes, make sure you entered your email address correctly. The email will be sent from firstname.lastname@example.org with the subject “Sign in to Medium.”
Why is it telling me I created a new account instead of logging me into my existing account?
Email addresses on Medium are case-sensitive. Be sure you’re entering the email address exactly as you entered it when you created your account. If you can’t remember, contact us at email@example.com.
What happens if I forward a sign in link to someone else?
Don’t do this. Anyone who has the email will be able to sign in to your account.
Are you going to remove Sign in with Facebook and Sign in with Twitter?
No, you’ll still be able to sign in with these services as before. And you can still connect Facebook and Twitter to your account after you create your account.
I already created an account on Medium using Facebook or Twitter. Can I sign in using my email address?
Yes. You can sign in to your existing account using the email address on your account.
What if I access Medium from a shared device?
You should sign out of all the services you’ve used, including your email, when you have finished using a shared device.
Are you going to add the ability to sign in with any other services?
We’re constantly listening to user feedback and using that to determine whether or not to implement support for other services.
Can you send me an SMS instead of an email?
We’re launching with just email, but we will certainly be considering other options for the future.
Does this work on the iOS and Android apps?
Yes. The sign in link you receive when signing in to the iOS app will take you straight into the application. Android support for email sign in is coming soon.
I still have more questions!
Feel free to reach out to us at firstname.lastname@example.org and we’ll do our best to answer them.