feature-request wont-fix add tag
connectyourcharger
As an incognito user (for security reasons), every time I exit out of my incognito window, the session cookies kept by this site for logins will be cast into the void. It's probably not the best thing to use a recovery token every time I want to log in, either.

Can there be some way to log in rather than just the session cookies?
Top Answer
Jack Douglas
> It's probably not the best thing to use a recovery token every time I want to log in, either.

For your special use case, I think using the recovery token as a password is really the most sensible solution.

If someone like yourself has security reasons for using incognito sessions or clearing cookies, they probably also don't want to use ['dolphins'](https://github.com/danielmiessler/SecLists/pull/155) as a password. Long unmemorable strings of random chars are probably more what you are used to. You presumably already have a way of securing your ever growing list of unique-per-site passwords and you can just add this to the list :)

Practically it just means hitting 'link' every time you want to log in and pasting in your recovery token [from the Windows clipboard ring](/transcript?room=2&id=5660#c5660) or whatever ;)

It's also possible to [use a userscript](https://topanswers.xyz/meta?q=464#a502) to reinject your device cookie automatically — but I don't know if that would work for you in incognito?
Answer #2
ffff0h
I'm not sure whether or not this qualifies as an answer, but in the name of this is Meta and it addresses the issue raised in the question, I would suggest **renaming** the "account recovery token" to something like "login key", and then correspondingly change the text on the "link" button to "log in" or something similar.

That would require minimal changes, but still present a more conventional-looking login experience and make it clearer what that GUID is actually used for in practice.

I do imagine that people would still complain that a GUID is harder to remember than `dolphins` or `password123`, though.


---
update by Jack:

we've implemented all the very sensible wording changes suggested in this post while the wider questions are discussed.

Enter question or answer id or url (and optionally further answer ids/urls from the same question) from

Separate each id/url with a space. No need to list your own answers; they will be imported automatically.