[nycphp-talk] Relax your password rules
Jerry B. Altzman
jbaltz at altzman.com
Tue Jun 10 10:04:01 EDT 2014
on 6/10/2014 9:55 AM Federico Ulfo said the following:
>
> The notion of "I don't have FB, therefore nobody should force FB
> auth"
>
>
> Oauth should be an extra option not the only option!!!
s/should force/should encourage/
> Most people do use Social Networks but there's a small minority that
> doesn't use or use them in a different way context, for example I use
> Google+ only with my work email, could be unfortunate to register at
> the bank with it because one day I may change job... I also have a
> joint Facebook account, my wife and I share the same account and I'm
> sure that other people found other original way to use social in an
> unconventional way. Also don't forget that there are Tumblr, Pinterest
> ... and in other countries other social networks, Sina Weibo etc.
Encourage, not force. But, in fact, small sites like StackExchange
strongly encourage not creating local accounts: http://bit.ly/1uRbFj0
> Oauth is a safe solution that makes our life one click away to be
> easier, but the authentication through password will stick around
> still for a little bit therefore restriction and security will have to
> stay high as well so expect website that ask a password that contains
> absurd klingon characters in it.
No argument there.
//jbaltz
--
jerry b. altzman | jbaltz at altzman.com | www.jbaltz.com | twitter:@lorvax
thank you for contributing to the heat death of the universe.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20140610/0ff3dd96/attachment.html>
More information about the talk
mailing list