The service I work from doesn't use passwords to log in at all, it just sends a confirmation mail to your inbox.
Given that password resets exist everywhere, your security is already 100% bound to the security of your inbox, so you might as well cut out the middle step.
Given that password resets exist everywhere, your security is already 100% bound to the security of your inbox, so you might as well cut out the middle step.