DEV Community


Discussion on: why social logins are a bad idea - please keep your native login enabled

derek profile image
derek • Edited

My question was in the specific context of implementation in a product.

I think gone are the days where we can quickly roll out a simple auth strategy as such. Which is the reason why Auth0, okta, firebase, and the oAuth2 protocol in general are so popular.

I think 2020 and beyond a “successful” auth strategy and implementation would be accompanied with a security accreditation from a third party audit.

Also on the many projects I work on, we constantly have an open feedback loop with legal teams to make sure we’re in compliance of newly emerging privacy laws.

Thread Thread
c33s profile image
Julian Author

sorry i am not a native english speaker, maybe you can rephrase your question?

why can't you quickly roll out an auth strategy? is saving a user and its password hash not legal anymore?

Thread Thread
sinni800 profile image

I find people are unnecessarily afraid of saving a damn email (or user name) and password and glorify complexity like social logins give you... Not sure why that all is, but you can't really fight those windmills

Forem Open with the Forem app