A sigh of relief has been heard across the Internet as behemoth Google has finally relented in it's ever intruding necessity to have a Google+ account from every service and function from signing up for Gmail to posting comments on YouTube.
From Slate to The Verge and everywhere in between there is dancing in the streets as Google finally got the message... no, not today Google, I don't want Plus. Plus will not be going away, it will become it's own property, left to stand on it's own, and unhooked from every Google service under the sun.
(Score: 1) by Pino P on Monday August 03 2015, @07:02PM
In order for a site to let users log in with their Twitter credentials, the site's operator has to have a Twitter account in order to register the site with Twitter. The same is true of Google and Facebook.
(Score: 2) by Anal Pumpernickel on Tuesday August 04 2015, @12:52AM
That's essentially creating a single point of failure, which is foolish. It's more foolish when you realize how terrible most people's passwords are, even for more important things. I wish web developers would get a clue and actually learn how to develop a website like they're supposed to know how to do rather than relying on all sorts of third party nonsense from privacy-violating companies. For most websites, I see RequestPolicy block 10+ third party sites, with the worst ones having over 20. Not just advertisers, either. It's absolutely ridiculous.
(Score: 1) by Pino P on Wednesday August 05 2015, @11:43PM
You appear to claim that protocols such as OpenID Connect are "foolish". But in an era of registration confirmation e-mails routinely getting mistakenly eaten by spam filters, what is supposed to uniquely identify a user account and allow for resetting a forgotten password?
(Score: 2) by Anal Pumpernickel on Thursday August 06 2015, @04:02AM
But in an era of registration confirmation e-mails routinely getting mistakenly eaten by spam filters, what is supposed to uniquely identify a user account and allow for resetting a forgotten password?
Check what was identified as spam yourself. If that's too hard for a significant amount of your users, then you should rethink your target userbase.
In general, I recommend relying less on third party websites. Especially don't rely on the likes of companies like Google, Facebook, Twitter, Microsoft, etc. All this nonsense does is allow for more cross-site tracking and gives attackers access to more of the user's accounts if they manage to break in. All for convenience.
(Score: 1) by Pino P on Thursday August 13 2015, @01:39AM
Anyone who breaks into your Google account or Microsoft account can already read your Gmail or your Hotmail and request password resets.