Yes, stuff happens. But as said: Most services use long-lived sessions. It's a choice: Trouble people with either insecure passwords and password resets, or take the risk that sometimes when a session was closed people might in rare cases not receive their tokens. Looking at my daily browsing I would be more than happy to get rid of most of the passwords.
Also it's not always the case that a user has access to email when he's trying to log in to your app.