From 83385df1ea70da8e8b0210276e1ca1fa75497329 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Halil=20=C3=96zg=C3=BCr?= <h@halil.im>
Date: Tue, 9 Aug 2016 01:12:24 +0300
Subject: [PATCH] Add passwordless (token based) authentication

---
 security-checklist.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/security-checklist.md b/security-checklist.md
index 40ddcfb..85d58e2 100644
--- a/security-checklist.md
+++ b/security-checklist.md
@@ -17,6 +17,7 @@
 - [ ] Check for randomness of reset password token in the emailed link or SMS.
 - [ ] Set an expiration on the reset password token for a reasonable period.
 - [ ] Expire the reset token after it has been successfully used.
+- [ ] Passwordless (token based) authentication: Set a reasonable expiration on the token.
 
 
 ##### USER DATA & AUTHORIZATION