DEV Community

Discussion on: why social logins are a bad idea - please keep your native login enabled

derek profile image
derek • Edited on

My question was in the specific context of implementation in a product.

I think gone are the days where we can quickly roll out a simple auth strategy as such. Which is the reason why Auth0, okta, firebase, and the oAuth2 protocol in general are so popular.

I think 2020 and beyond a โ€œsuccessfulโ€ auth strategy and implementation would be accompanied with a security accreditation from a third party audit.

Also on the many projects I work on, we constantly have an open feedback loop with legal teams to make sure weโ€™re in compliance of newly emerging privacy laws.

Thread Thread
c33s profile image
Julian Author

sorry i am not a native english speaker, maybe you can rephrase your question?

why can't you quickly roll out an auth strategy? is saving a user and its password hash not legal anymore?

Thread Thread
sinni800 profile image

I find people are unnecessarily afraid of saving a damn email (or user name) and password and glorify complexity like social logins give you... Not sure why that all is, but you can't really fight those windmills