• It reminds of this:

    There were more options on the website, but I forgot the name of the website, and I cannot find it now… :(

  • 9 days

    The worst login option is Google and Facebook, because they don’t allow creating separate accounts without identity verification by phone number or by connecting a phone with Google services. For now, other services still allow creating an account without linking your identity, but that won’t last long 😢

  • How hard is it to implement email verification?

    Harder, actually.

    That’s the point of OAuth, which is what you’re seeing there.

    The idea is that you’re you and you have a… google account. This shitty little website doesn’t want to be responsible for you login details, because those can get stolen. Maybe they contain an email address, which is a problem. Software needs to be updated, it’s all a big. They don’t want to touch anything in terms of security that identifies you as you.

    Maybe all the website does is save your favorite pepe memes. They don’t need anything else from you, but they still need to have something to get a user id and make sure nobody messes with your pepe meme collection. That’s where this system comes in, because the rest of website becomes significantly easier. They don’t need to store anything personally identifying, all they get is an ID and they can connect it with your pepes.

    The only downside to OAuth is, as you can also see, that it’s corpos you don’t want to trust that are offering it.

    • Was just about to say getting Auth right is super hard. Getting someone else to do it for you is a godsend.

    • 14 days

      While I get that, it is still unfortunate that no open-source, trusted variant can be part of the usual ways.

      • There’s really no reason something like that couldn’t exist. A foundation would just have to decide to dedicate the resources to it.

        The issue is it would have to gain significant adoption in order for web admins to think to include it. This list here is actually a lot larger than you usually see. It’s often just the big 2 or 3.

    • 14 days

      Okay, but where is the link to this Pepe memes page?

    • 14 days

      I have no account with the above. I wouldn’t make one for being able to use another service.

      No idea what the product is here, but I guess I’m not their target audience. Which is fine.

    • Shitty little website…

      I don’t know, man, I don’t want anyone that doesn’t understand or doesn’t give a shit about security trying to implement it.

      That’s just a recipe for bad things.

    • 14 days

      What do they get that you wouldn’t get from signing up regularly ?

      • 14 days

        If you use the same Google account for a bunch of different third party websites, Google gets to associate your activity on those websites to you, giving them more points of data about you. They wouldn’t offer themselves as a login option if they didn’t make money out of it.

        Also if you use your Google email for many other services it becomes even harder to ditch Google afterwards.

        • 14 days

          and what does that have to do with the random website that uses it for oauth?

          • 14 days

            The website doesn’t have to handle the code and security for their own login system, which reduces costs for them too.

            • 14 days

              right… so it’s not data mining it’s just easier to maintain

              somehow op has 46 upvotes for something that’s wrong

  • 14 days

    Money.

    Also it kinda depend on how much you trust the website security and how much precaution you have. For general public who don’t really know how to protect themselves against hacking and databreach(those who might not know the existence of password manager), the option of letting a giant corpos handle the login is much better than to just blindly trust the website.

    Also money.

    Also the website might not want to build and maintain their own database for this(which cost money), so they outsource the login to other company.

    And also money.