undefined | Better HN

0 pointsdragonwriter8y ago0 comments

I'm not suggesting "don't implement passwords" (which are first-party authentication) or "don't support password pasting" (which mainly supports ad hoc third-party authentication with a manual token exchange), but if you are actively choosing to support pasting (and, thus, third-party SSO with a clumsy UI), you should also strongly consider supporting third-party authentication with a decent UI.

0 comments

sanderjd8y ago

The password manager solution is, if you'll allow me to strain your analogy a bit, "second-party SSO". That is, it's SSO that I, the user, manage however I prefer. Password pasting is an extensible API for achieving that.

But we don't disagree, folks should definitely implement things like OpenID.

j / k navigate · click thread line to collapse

0 pointsdragonwriter8y ago0 comments

0 comments

sanderjd8y ago

But we don't disagree, folks should definitely implement things like OpenID.

j / k navigate · click thread line to collapse