| ▲ | Arcuru 6 hours ago |
| If a service offers "Login with Google/Apple/Facebook/etc" you should never do that if they offer a username/password. It just increases the single point of failure. Avoid places that only offer the "Login with Foo" if at all possible (looking at you Tailscale). As an ex-googler, the only reason I was comfortable keeping even my personal email there was because I could reach out internally if there was a problem. I left Google, and left gmail behind too. |
|
| ▲ | shakna 4 hours ago | parent | next [-] |
| One of the other articles on HN's front page right now, is that Germany's implementation of eIDAS will require a Google or Apple account. |
| |
| ▲ | Imustaskforhelp 30 minutes ago | parent [-] | | I genuinely feel like there is something happening where hackernews articles come in bunch/reference-to-each-other :] So one of the comments on one hackernews post on front-page almost somehow always refer to something within a hackernews post on the same front-page. I have seen this witnessed too many times that it might be time to name this phenomenon. |
|
|
| ▲ | suzzer99 2 hours ago | parent | prev | next [-] |
| We offer Login with Google and Login with Facebook on our apps. The fun part is both FB and Google started blocking Selenium and any other automated agents from logging in. So basically there's no way to run end to end tests that confirm the login flows using FB or Google, which have wrinkles that our normal login doesn't hit. |
| |
| ▲ | drnick1 2 hours ago | parent [-] | | > We offer Login with Google and Login with Facebook on our apps. This has the nefarious side effect of allowing Google or Facebook to track people across the Internet and apps. Webmasters like you are, often for no imperative reason, complicit of this by providing such login options. |
|
|
| ▲ | gib444 5 hours ago | parent | prev | next [-] |
| > Avoid places that only offer the "Login with Foo" if at all possible (looking at you Tailscale). Tailscale is the only serious company that I can ever recall offering /only/ third party login. It's bit bizarre on the face of it. Anyone know the reason? |
| |
| ▲ | antonvs a minute ago | parent | next [-] | | Is Tailscale really a serious company? | |
| ▲ | Kwpolska an hour ago | parent | prev | next [-] | | Perhaps they are not a serious company after all? | |
| ▲ | ratorx 3 hours ago | parent | prev | next [-] | | I think I read somewhere (but could be wrong) that it was because they didn’t want to own any “authentication” services. Their infrastructure was zero trust (as in they don’t hold any passwords or private keys), just a discovery server for different devices. | |
| ▲ | drcongo 5 hours ago | parent | prev | next [-] | | Curious isn't it, especially as it's such a bad fit for their product - authenticating with GitHub in order to ssh made the whole thing so much more painful than it needed to be. I subsequently tried switching to using a passkey when that became an option, but it's not possible to make the passkey user the owner of a tailnet created by a GitHub org user, so I'm stuck with two users in my Tailscale and can't delete the GitHub org user. It's the main thing that keeps me looking for a reliable alternative to Tailscale. | | | |
| ▲ | FireBeyond 2 hours ago | parent | prev [-] | | My other annoyance lately is companies that don't let you set a password. It's either passkey only (which I'm not sold on, yet), or "we'll email you a login link". Great, now I have to wait for the email to show up, click the link, hope it doesn't expire if I get distracted while waiting, and then also delete your emails, sometimes multiple times a day? What a shit tier authentication mechanism. | | |
| ▲ | drcongo 2 hours ago | parent [-] | | I despise this. Slack keeps doing this even though I have a password and 2FA configured. |
|
|
|
| ▲ | navigate8310 5 hours ago | parent | prev [-] |
| Tailscale offers custom SSO for free |
| |
| ▲ | nottorp 22 minutes ago | parent [-] | | Shouldn't a service that may be the only way of remotely accessing your devices be ... independent of a 3rd party authentication service? | | |
|
