User Authentication Current Trends

Sam — Fri, 11 Sep 2020 07:24:07 +0000

What are the most relevant techniques to implement user authentication?

The commonly used ones that I have been able to figure out are:

Username, Password

Asks user to provide a username and password, but this does not have implicit ways to capture any user information. The only way for that may be to have additional forms asking for details like first name, last name, dob, etc.

SSO / Oauth

Google, Github, Facebook etc - these may be used to fetch some information about the user from their accounts.

Magic link

This is somewhat confusing, although the use is pretty straight forward. In certain websites for e.g. while Signing Up the magic link is sent to the user's email address. Upon clicking on the link, the user is prompted to enter that "email's" password within the context of the website/application.

This seems scary at the very least because of the absence of the SSO / Oauth like UI/interface. Once authentication is verified, user information may be fetched by looking up the response. A typical response that Passport for Google sends is:

Multi Factor Authentication

This also may not provide any implicit ways to retrieve/fetch user information.

Any other ways to implement authentication?

Also, is there a best practices list for "user information" most commonly fetched after any authentication techniques return a verified user?

Frequent Updates Hell

Sam — Fri, 03 Jul 2020 05:37:16 +0000

The following is in the context of installable apps on mobile devices and personal computers.

There are essentially two types of updates I have observed that vendors keep on providing us hungry users with:

Updates that enhance features in the app, or address critical issues, and come with a respectable description of the changes brought in.
Updates that make no sense at all other than "Bug Fixes and Performance Improvements". That's it, this is all that is mentioned.

While it does make sense to provide feature enhancements and address issues, following are two queries I am looking for answers to:

How often should version updates be released? This applies especially when all that is being going to be mentioned is "Bug Fixes and Performance Improvements." In fact looking at so many updates with exactly the same statement also makes me wonder if the app developer(s) knew about these problems all along or were those bugs really new ones that the developers kept coming across.
Should developers indicate more than just Bug fixes and Performance Improvements in their updates? This "bugs" me a lot, especially also when I find no notable difference in the updated app as compared to the last one. Anyone else also feel the same?

My initial take on the above two points has to do not only with showing off one's tech prowess and addressing real issues, but also to consider overall user experience while providing any updates. While "bugs" must definitely be squashed and gotten rid of, should not the user be made more aware of what was fixed and how would it help enrich the user's experience?

Below are images of WhatsApp providing frequent updates with the same static description. I use WhatsApp way too much, and like it too, and am not trying to target this app, but this struck me as a perfect example to highlight the point I am trying to make.

Apart from just being an annoyance, I really do not know if I should keep on upgrading these kind of apps and add to the SSD/Flash Drive Write Cycles. So, are SSD write cycles relevant these days?

Then again, are there any industry best practices which state the order and manner in which bug fixes should be rolled out, in case there are more number of bugs that can be handled per given time frame?

DEV Community: Sam

User Authentication Current Trends

Frequent Updates Hell