don't ask for passwords anymore.
o for apps: send login links by email and then store passwords o for webapps:
. either allow to reset the password (and make sure it allows the browserS to save and apply just like on the login prompt) . or also login directly and allow sessions for ever (plus a disconnect feature other devices in the user settings) -- warn about default browser when using links by email