Automated email-based password reestablishment (EBPR)
is an efficient, cost-effective means to deal with forgotten
passwords. In this technique, email providers authenticate
users on behalf of web sites. This method works because
web sites trust email providers to deliver messages to their
intended recipients. Simple Authentication for the Web
(SAW) improves upon this basic approach to user authentication
to create an alternative to password-based logins.
SAW: 1) Removes the setup and management costs of passwords
at sites that accept the risks of EBPR; 2) Provides
single sign-on without a specialized identity provider; 3)
Thwarts all passive attacks.
Interesting idea for web app authentication.
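
The EBPR step the abstract describes, where a site treats delivery to the user's mailbox as proof of identity, as an added example (not code from the SAW authors or from this page). The class name, token lifetime and attempt limit are assumptions, and the code illustrates plain EBPR token handling rather than SAW's own protocol.

```python
import hashlib
import hmac
import secrets
import time


class EmailLoginTokens:
    """Issues and redeems one-time tokens that a site would send by email.

    Hypothetical helper for illustration; actual mail delivery is out of scope.
    """

    def __init__(self, ttl_seconds=600, max_attempts=5, clock=time.time):
        self.ttl = ttl_seconds            # assumed lifetime of a token
        self.max_attempts = max_attempts  # assumed cap on wrong guesses
        self.clock = clock                # injectable so expiry can be tested
        self._pending = {}                # email -> (digest, expires_at, failures)

    def issue(self, email):
        """Create a token for `email`; the caller mails it to that address."""
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        digest = hashlib.sha256(token.encode()).digest()
        # Only the hash is stored, so a leaked table does not yield usable tokens.
        # A new request replaces any earlier outstanding token for the address.
        self._pending[email.lower()] = (digest, self.clock() + self.ttl, 0)
        return token

    def redeem(self, email, token):
        """Return True exactly once, for the latest unexpired token."""
        key = email.lower()
        entry = self._pending.get(key)
        if entry is None:
            return False
        digest, expires_at, failures = entry
        if self.clock() >= expires_at or failures >= self.max_attempts:
            del self._pending[key]         # expired or guessed too often
            return False
        candidate = hashlib.sha256(token.encode()).digest()
        if hmac.compare_digest(candidate, digest):
            del self._pending[key]         # single use: a replay finds nothing
            return True
        self._pending[key] = (digest, expires_at, failures + 1)
        return False
```
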