Hacker News new | comments | show | ask | jobs | submit login

At least use HTTPS so that our passwords aren't passed in plain text across the internet. Or, like you said, implement some sort of OAuth2 login so we can log in with Twitter, Facebook, GitHub, Persona, etc.

(correction) looks like you can use HTTPS, but it is optional. It should be required on login page at least.

Applications are open for YC Summer 2018

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact