datasn.io

Reputation: 12867

Log-in system by emailing a random password every time the user logs in?

I want to implement a log in system:

  1. User simply provides his / her email to sign up / sign in.
  2. A random password is generated and sent to his / her email, with a valid period of, say, 30 minutes. The hash is stored in the database and will be deleted 30 minutes later.
  3. He / she enters the password within 30 minutes; optionally, he or she can choose to be remembered for x days.
  4. He or she is logged in if the password is correct.
  5. The password is invalidated and hash deleted.

After googling, I found this: http://en.wikipedia.org/wiki/One-time_password

It seems all right, but no points concerning usability. My main concern is whether or not it would be annoying to the end users, because every time he or she needs to log in, he or she has to check their email inbox for the password. I'm not quite a mobile user but would this be painful on mobile devices?

What's your opinion on this? Any potential problems of this approach? Would it be annoying?

Upvotes: 0

Views: 78
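Steps 2 to 5 of the scheme in the question, as an added example that is not part of the original post. The names `OneTimePasswordStore`, `issue` and `verify` are hypothetical, an in-memory dict stands in for the database, and sending the email is left to the caller.

```python
import hashlib
import hmac
import secrets
import time

VALID_SECONDS = 30 * 60  # validity period from step 2 of the question


class OneTimePasswordStore:
    """In-memory stand-in for the database table (hypothetical name)."""

    def __init__(self, clock=time.time):
        self._clock = clock   # injectable so expiry can be tested
        self._pending = {}    # email -> (sha256 hex digest, expiry time)

    @staticmethod
    def _digest(password):
        # A fast hash is adequate here only because the password is a
        # long random token, not a user-chosen secret.
        return hashlib.sha256(password.encode()).hexdigest()

    def issue(self, email):
        """Step 2: generate a password, keep only its hash and expiry."""
        password = secrets.token_urlsafe(16)  # 128 bits from the OS CSPRNG
        self._pending[email] = (self._digest(password),
                                self._clock() + VALID_SECONDS)
        return password  # caller emails this; the plaintext is never stored

    def verify(self, email, password):
        """Steps 3-5: check the password once, then invalidate it."""
        entry = self._pending.get(email)
        if entry is None:
            return False
        stored, expires = entry
        if self._clock() >= expires:
            del self._pending[email]  # expired: purge the hash
            return False
        # Constant-time comparison of the two hex digests.
        if not hmac.compare_digest(stored, self._digest(password)):
            return False              # wrong guess: entry stays until expiry
        del self._pending[email]      # success: password is single use
        return True
```

Issuing a second password for the same email replaces the first, so only the most recent email is valid.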

Answers (1)

martinstoeckli

Reputation: 24131

There are two main problems with this approach.

  1. The first question you already asked yourself: would you mind logging in to your email account just to log in to another site? Maybe the email even ends up in the spam folder and people would be unsure why the system does not work.
  2. The second problem is that users can (sometimes must) change their email accounts. Maybe you changed the company you are working for, changed the internet provider, or had to give up an email address because of spam; you always lose access to this email account. Such users would have to remember to change the address on all websites like yours, otherwise they are blocked from the service and you will get a lot of support calls.

Upvotes: 1
