Hacker News new | past | comments | ask | show | jobs | submit login

Yes! Especially once you start juggling multiple accounts for different companies and projects. Becomes a guessing game, and each wrong guess creates another account magically. Infuriating





Time to create a new service to unify all your SSO accounts! One single SSO!

OpenID would have done it, but Facebook and Google neutered it in favour of OAuth so they could cement themselves as primary players.

It's been some time last I checked, but isn't OpenID Connect provided anymore by Goog/Fb? Why wouldn't that be a reasonable choice if you wanted a protocol that, from the dev side of things, allowed you to uniformly target external auth providers, or your own?

OoenID Connect is different. Its basically just OAuth2, and google/fb require the ap developer to register their app with google/fb in order to authenticate users.

Whcih is pretty bad for both developers and users, as a user I cant run my own identity provided and as a developer I have to spend time setting up accounts with ever identity provider i wish to integrate.

Original OpenID just let me as a user use a URL as my identity, so I could use any identity provider I wanted, including running one myself.

EDIT: There is a specification for dynamic client registration but nobody implements it as far as I've been able to tell.


Here comes SSSO! I can hardly wait!

Of course, there may be competing SSSO solutions...


We could have a Simplified Experience Single-Sign-On, or SESSO. Italian developers would adopt it enthusiastically.

If only there was a decentralized option that has already solved this... We could call it OpenID or something like that... Oh, wait..

You also have IndieAuth that is slowly gaining more adoption.

https://en.wikipedia.org/wiki/IndieAuth

https://indieauth.net/


Cool, that looks awesome, thanks!

Yes! and then I just sign in once into my single SSO signon!

And if you create an account accidentally, there’s often no way to undo that.

Next, if you don’t add a second-factor with to it, it becomes a ticking countdown until the account is compromised.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: