[ - ] x0x7 1 point 1.8 yearsJul 14, 2022 12:50:11 ago (+1/-0)*
Passwords are bad-ish. I just fear what they would replace them with. In an ideal world a site would implement multiple auth methods to suite your liking, but definitely, definitely not push 0auth sign ins from tech giants leaving you dependent on credentials given by a tech giant to access unrelated sites.
Maybe it's time I finally put btc-sign on all of my sites like I've wanted to. Finding UI I'm happy with for it while still allowing passwords is the only thing that's held me back.
That's the actual correct solution. Never handing a password to a site to trust. Never receiving or depending on credentials from a third party. Anything else is shit, but big companies only push shit, so consumers only see shit, and so anything that's actually good is scary and unfamiliar. Any site without a large marketing budget will only scare off visitors with unfamiliar but good technology and thus forfeit any hope of competing.
The existence and uptake of Oauth annoys me, because all those developers working on it and using it are all too retarded to notice that SSL can already do everything needed just by making it normal to store signed client certs (even browsers can do that, it just isn't normal practice).
That would then identify the client/API-script/browser to the server without israeling around with the HTTP request itself.
[ + ] Grospoliner
[ - ] Grospoliner 3 points 1.8 yearsJul 14, 2022 09:38:41 ago (+3/-0)
[ + ] FreeinTX
[ - ] FreeinTX 2 points 1.8 yearsJul 14, 2022 10:23:22 ago (+2/-0)
[ + ] x0x7
[ - ] x0x7 1 point 1.8 yearsJul 14, 2022 12:50:11 ago (+1/-0)*
Maybe it's time I finally put btc-sign on all of my sites like I've wanted to. Finding UI I'm happy with for it while still allowing passwords is the only thing that's held me back.
That's the actual correct solution. Never handing a password to a site to trust. Never receiving or depending on credentials from a third party. Anything else is shit, but big companies only push shit, so consumers only see shit, and so anything that's actually good is scary and unfamiliar. Any site without a large marketing budget will only scare off visitors with unfamiliar but good technology and thus forfeit any hope of competing.
[ + ] SithEmpire
[ - ] SithEmpire 0 points 1.8 yearsJul 14, 2022 14:35:59 ago (+0/-0)
That would then identify the client/API-script/browser to the server without israeling around with the HTTP request itself.
[ + ] FreeinTX
[ - ] FreeinTX 1 point 1.8 yearsJul 14, 2022 10:22:25 ago (+1/-0)
[ + ] Cantaloupe
[ - ] Cantaloupe 0 points 1.8 yearsJul 14, 2022 12:00:05 ago (+0/-0)
It's easy to implement password based sign in, and it will continue whether or not they like it.
So they can go fuck themselves
[ + ] GrayDragon
[ - ] GrayDragon 0 points 1.8 yearsJul 14, 2022 09:41:38 ago (+0/-0)