True. Long running sessions would help. There are those that would argue it is a security risk though.
Even EnvKey that I mentioned above has a session cookie of some sort - I can usually use the app for several days after logging in, even if I close the app - but after that I am prompted to instigate the email with my unique login key.
It would be nice if we eventually got to a point where control of whether a password was even allowed, how long your session cookies lasted, and the ability to list and invalidate all existing sessions was as common and expected as a password reset system.
Even EnvKey that I mentioned above has a session cookie of some sort - I can usually use the app for several days after logging in, even if I close the app - but after that I am prompted to instigate the email with my unique login key.