
Ask HN: Why Use Social Media Logins? - mattbgates
The general consensus is: It is so much easier!  You or your users can login in seconds without having to type in your email or username and try to remember the password. Sounds like a great thing. Social media sounds like it could be the answer to all of our login problems.<p>[continued below]
======
mattbgates
As a "user", I love logging in with social media. How awesome is it that I can
just click a button and be logged in instantly? No worrying about setting up a
password, at least, for most websites. I used to not trust it, but after
becoming a developer and learning: it is just grabbing an email or a name is
not too bad. Though sometimes, it may grab more than that, such as your
friends list, etc. Somehow, that became okay and no one cares.

As a "developer", things are quite different. There are a few libraries of
code on Github and you can find examples across the Internet. For the most
part, these examples do work after you have set up some API backend on the
social media platforms themselves.

Code would almost seem straightforward. However, it is not always the case,
especially, when a social media platform is ever-changing. For example, last
week, someone released a new product on Hacker News and went about his way,
only to realize, that people were attempting to login to Facebook, which
recently upgraded from SDK 4 to SDK 5. Massive changes occurred. How
embarrassing to go live, only for one of your social media buttons not to
work? It's not his fault, but it's Facebook who updated their code so older
versions no longer work. Most developers are trying to focus on their own code
and make sure it works. Now they have to worry about potential users being
unable to access the front door?

When I went to update Facebook SDK 4 to SDK 5 on one of my own platforms,
using Facebook's very example that they provided. I couldn't get it to work. I
ended up removing Facebook from my registration and login screen. The three
that remained were Google, Twitter, and LinkedIn.

After some careful testing with these three, they work for the most part,
except occasionally, if someone logs into Google, and then tries to login
again real fast, such as your code not remembering them and keeping them
logged in, Google's token expires and it won't auto-generate a new one, and it
creates a problem, an error that you can't even catch, so your users are
exposed to seeing that error.

Twitter, too, seems to have some issues. Using the examples you can easily
find on the Internet, and I'm no genius when it comes to this stuff, but I
managed to copy some code, put it together, and make it work with my database,
this would also come with problems: It keeps looping and acquiring a new oauth
token without ever going back to my website with the information. After
spending nearly an hour trying to figure out what the problem was and scouring
the Internet with very few answers, I gave up. So Twitter has now been
removed.

LinkedIn is my last resort, but to offer only one option: is it better at all?

The purpose of social media logins was to making logging in easier, but none
of these social media platforms have beginner or even novice developers in
mind. If any of the code was to change while your web application is live,
than you are screwed, trying to come up with a patch for it. Lest, you might
not even find out until someone actually reports it that your Facebook,
Twitter, LinkedIn, or Google login isn't working. How would you know
otherwise, since you probably might only use one or none?

I sought to find out: Do we really need to use social media logins? In this
day and age, it is supposedly expected. For the most part, researching claims,
there is a 60% usage of social media login buttons. But are they necessary? I
came across another article from a developer at MailChimp which makes a great
point about social logins: while people use them, if people like your
application or find it useful, they are going to register and login with a
username or email address, regardless of whether you have social media or not.

Here is the article: [https://blog.mailchimp.com/social-login-buttons-arent-
worth-...](https://blog.mailchimp.com/social-login-buttons-arent-worth-it/)

Navigating to MailChimp's registration and login page: there is no social
media presence.

So I know there are some attempts at making life easier for developers out
there, such as Hybridauth Social Login PHP Library (
[https://hybridauth.github.io/](https://hybridauth.github.io/) ), which may do
a good job, but I've not used it yet. There are also other non-free solutions
out there in which you pay for a script or a web company to handle it all for
you. This too, might be good, but why? Why isn't it easier for developers to
set up social media buttons?

Maybe it is security concerns or whatever, but you would think that as large
as these social media platforms are, they'd be better at giving you the email
and username or whatever you need.. and making it easier. After all, it is
technically free branding for them that you put on your website.

Anyone else struggle with social media login or just give up completely or
maybe you found a really easy solution that grants you peace of mind?

