How many of you are worried about the extensive use of Social login (Mainly google, Facebook,Linkedin…) and would prefer something like a dedicated login service for personal use? This kind of authentication is already in enterprise level like Okta and 0Auth
Yes, dedicated login.
- Easy to manage and control
- Not easy to monitor as same as one with social buttons sign up
When you login using your social media, both the website and your social media log on you info (sure they might after time know you using that website but at least you prevented some more info) also some websites literally sell your email address so if you using your FB for example you limited to that but if you using just email address you can always hide it using email aliases or delete it and make new one also when you let’s say lost your FB account, you no longer have access on your account on that website. so in summery using dedicated login is better from privacy and actually normal side too!
How about a system of dedicated login service provider (Similar to okra or OAuth but for common people as a Login provider) which can enable login instead of doing a social login? If such a system i implemented, will it be accepted, at least in these open communities?
(I guess Github s something similar, but the usage ratio is so low. Im thinking to add a bit more functionalities)
i really don’t get what you mean, do you mean auto complete like ones in password managers ? (because i think you mean you from your first words) or you just talk in normal ones but use github (i think that from your second half of your words) so tell me what you mean
Im taking about something similar to facebook login or GitHub login. But a dedicated product for Login services one, not a part of any social media or any other services
i really don’t get it. do you mean those links to login page (like add auth link itself not the embedded JS and it’s stuff) or do you mean the login like github login inside github itself ?
If it’s first one, its same thing. the service still knows what you did
If the second one, actually it tracks nothing because it’s own service and it would be normal tracking stuff such as when last time you logged in
im sorry most of time im dumb so if it’s not what i mean give me exmple
So, you are talking about implementing a single sign-on (SSO) service that is similar to “Login with GitHub”, etc. but without any connections to any social network?
The server likely must accept this alternative way of logging in. So, it is hard to say if “open communities” would accept it. Further, most password managers allow you to semi-automatically log in, and this looks more trustworthy than using a new SSO service.
So, one other way of doing it will be to remove passwords altogether. Like device based Sign on, using multi authentication key system or something. In a IT company environment it seems more easy and manageable, but for regular users, im not sure how much secure such a system can be.