Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
theggiveth 5 days ago

As others mentioned, this is backed by the "open" standard FedCM. While this seems like an open play on the surface (and the standard is open), in practice this is a highly anti-competitive and will just lead to Google being in even more control of the web.

The vast majority of users will chose the default for identity. On Chrome this is Google. On Android this is Google. Even on iOS this may be Google because identity is often tied to email and Apple does not have a strong email story. Identity is huge. It gives you moat that outlives platforms.

And all the while, Google gets to claim this standard is open, while in practice this is clearly intended as a monopolistic move to increase their share of identity on the web.

If they were forced to show a randomized list of identity providers a user needs to choose from (similar to search engines on iOS), I bet you they would reconsider this whole approach. But by the time regulators figure out what's going on, they will have already cemented their lead.

WorldMaker 5 days ago | parent [-]

This "standard" also seems interestingly timed with respect to Passkey adoption, too. If one were feeling pessimistic enough, it almost seems too easy to suggest some interests exist here that want to muddy the sign-in waters to capture users considering switching to Passkeys before they actually switch to Passkeys.

JambalayaJimbo 4 days ago | parent [-]

These are orthogonal concerns. Passkeys don't meaningfully simplify the account creation process.

WorldMaker 4 days ago | parent [-]

Having implemented Passkey-only account creation (and management) I would absolutely disagree. I think that Passkeys can greatly streamline the process. The iOS Passkey flow especially feels as simple by default as the "Sign in with Apple" flow (with the ability to customize it with smart password managers in a way you'd never be able to with "Sign in with Apple").

That's partly because Apple sees it their job to migrate people away from OIDC-style signups, for privacy reasons if nothing else, and towards Passkeys, so their UX team is doing a remarkable job trying to reduce friction.

What's Google's interests here? Are there intentional reasons the Android and Chrome Passkey flows don't "simplify" the account creation process enough? It's easy to be cynical here, and seeing them as orthogonal concerns also feels like muddying waters that shouldn't be muddied right now.