Treating Email More Like a Password Manager.

There is a natural tendency that communication tools, which never meant to be security devices, end up being used heavily for security purposes. This happened to both emails and mobile phones. You know, SMS to a mobile phone is still sometimes the only option for a second factor authentication, despite a lot of evidence that it's a very bad idea due to SIM swap attacks (…) And emails are almost universally being used to reset passwords.