Ask HN: Are auto login tokens in transactional emails bad practice? | Dark Hacker News