Additionally, the reason you gave as to why the site might require it provides no real value to the user. There is no incentive to link yet-another-website to an authentication provider, except to access the site; which seems completely unnecessary.
Finally, I object to categorizing Google, Reddit, et al., as "authentication providers." While that may be a service they perform, they are actually, instead, just tracking you. If you'll forgive the clumsy metaphor of a caffeine-deprived mind, it would be a bit like calling police serving a search warrant "furniture reorganizers."
Too, leaving aside the question of whether it's a security risk for the user, maintaining a password database is certainly a security risk for the developer. Having your password database stolen is a credibility disaster. Similar exposure of a collection of OAuth tokens, none of which provides any access whatsoever to privileged data and all of which can be trivially deauthorized by their owners or en masse by the application developer, is about as minor a concern as any security compromise possibly can be. From the developer's perspective, that's an extremely strong argument for three-legged OAuth.
Addressing the other alternatives in detail: Using session cookies alone is great, except that they will eventually expire or be deleted, at which point all progress is lost. That's not a major problem, I suppose, but I can see people potentially being annoyed by it, especially shell cowboys who solve everything with one-liners. I'm not sure what "The site could generate a registration for the user" even means. And I think there's a fair argument to be made that authentication via OAuth with a third party hits a sweet spot between user convenience on the one hand, and persistence and distinguishability of identity on the other.
Finally, I'm really not sure why "they're tracking you!" is such a concern in this case. Yes, third-party tracking is an increasingly ubiquitous reality of life on the modern web, and yes, in many ways that is a very bad thing. On the other hand, there is such a thing as nuance, and I think it's a pretty long stretch to argue that it is likely to result in a major privacy violation to let on to Github, or for that matter Facebook or Twitter if I had accounts with them, that I'm a programmer. I suppose it's possible there are people who need to keep that a secret for some reason, although I can't imagine what reason that might be. For them, it's probably not worth it to use Advent of Code, even with a throwaway account. For me and apparently quite a lot of other people, it is. I'm having a very hard time seeing the prima facie unreasonability of that perspective that it seems like some folks do.
> Accepting user registrations generally entails obtaining a means of contact which can be used to unlock an account whose password has been forgotten. By far the most common contact method used is email. GP may not have mentioned it in so many words, but the implication is trivial.
In this specific case, using your guessed-at reason for the need for registration, the implication that an email address is required isn't trivial. It simply isn't necessary at all. If it had been required, I also would have forgone registering. They have no need to contact me that I consider valid.
> Requiring unique registration on a site also demonstrably results in significantly fewer people actually making use of the site. It's perceived as a burden, and people not unreasonably wonder why they have to providing sensitive information in order to find out whether there's anything there worth providing sensitive information.
Yet linking it to their social media or other accounts is not perceived as a burden? It is demonstrably percieved as a burden as evidence by both the other poster and myself. You also seem to be suggesting that linking a social media or other account is providing less sensitive information than creating a unique login. That may be the case at times, but I suspect, and I'd be surprised if you disagree, that usually you are providing more information by linking an external account versus a unique login.
> And I think there's a fair argument to be made that authentication via OAuth with a third party hits a sweet spot between user convenience on the one hand, and persistence and distinguishability of identity on the other.
I think there is too, in general, but not in this specific case if the only need is to have a unique identifier.
> Finally, I'm really not sure why "they're tracking you!" is such a concern in this case.
I'm not sure why you've gone from speaking very generally about the issue to getting very specific about the site in this case. I objected, very clearly, to identifying them as "authentication providers" in general. I never said anything about whether it was a huge privacy violation that they know you visited this particular site.
And promiscuously asking to connect social accounts to random things on the internet, even if they swear up and down that they don't request "undue" privileges, trains people to just always do it, which sets them up to get owned later on by someone who will take advantage of that.
most interesting so far is
"I'm doing the advent with 25 different languages, who wants to join?!"
No one is code golfing it yet
I am with grandparent in guessing people are mostly playing :)
having reddit on the list of options means the barrier to entry can be counted in keypresses
you can make as many reddit accounts as you want, much like hn, where the only requirements are username and password
make one and just treat it like an advent login
I guess they could collect wrong attempts and use them to try to shame people?
This adventofcode is a gem, you are really missing out if you let the registration system deter you.
Looking forward for the next puzzles !
This project seems awesome but playful -1 for non-zero-based-indexing :)
another note (obviously I'm hooked).. This instruction isn't 100% parseable. It's not clear whether the desire is for three unique vowels need to appear or if three positions in the string need to be vowels. For instance, would 'aaa' qualify?
"It contains at least three vowels (aeiou only), like aei, xazegov, or aeiouaeiouaeiou"
[Edit Again: Nevermind... the test example 'aaa' clears it up]
except Exception as e: print e.offset
I suppose the problems get harder the closer we are to christmas?
The input.txt files, or the code to be used as input/starting point? I just download the file (or save the code) instead of re-downloading it over and over. (Is also handy if you're coding in the train or another place without internet connection.)
so I guess you are welcome to throw in some bitcoins...