65

Only Google & Facebook sign ups? Fucking ew.
If you're a web developer and you create a login system like this, please commit rm -rf /

Comments
  • 15
    Medium would like to store your password in plain text. Continue (Y/N)?
  • 3
  • 4
    Those motherfucker is a waste
  • 4
    Actually for me if there is reddit option is fine ;-)
  • 3
    Depends on where you know your user base will be coming from, I guess. I suppose you want a Twitter login too?
  • 13
    Million times better than rolling your own, getting it wrong and you get hacked then data gets leaked
  • 5
    @windlessuser agreed. As much as I can't stand logging in with other accounts, not every user cares and not every company wants to create and secure a method to create and store user accounts and their credentials. Just because the use case doesn't apply to us doesn't mean it applies to nobody.
  • 6
    I understand why. They want to focus on their content and site, not password security. The work required to so password security on a site like that well would be large.
  • 1
    I'm reminded of one site that won't let you register unless your email address is from an approved list of domains.

    So someone@hotmail.com is fine, but someone@myowndomain.com isn't accepted..
  • 2
    > Medium would like to store your

    > password in plain text.

    That so reminds me of a particular company that provides email, that if you forget your email password, for security and technical purposes, they can't tell you your current one..

    But they do email you a new one. :-)

    Still after 30+ years of me pointing out that isn't going to work, they are still doing it..

    "No ones ever complained they say !"

    They mean, no one else but me, because everyone else knows how stupid it is !
  • 3
    Well that's their medium for logins. 🙄
  • 2
    @FelisPhasma yes, but at that point - at least offer something like OpenID, too.
  • 3
    I think if you go oauth-only, it's important to offer more choice.

    Btw, for dev related blogging, Dev.to is great. Better code embedding, better commenting system, better community, auth through GitHub/Twitter.
  • 3
    You forgot to add `sudo`
  • 2
    You don’t have to roll your own authentication... there’re multiple libraries to choose from for whatever language you’re using.
  • 2
    @sauronjs also replace / with . because you don't want him/her/them to *GAME END* the world, you want him/her/them to *GAME END* himself/herself/themselves
  • 2
    @mishaor I believe OP does want him to end everything. Otherwise there is not need for `sudo`
  • 4
    @windlessuser And the people who don't have facebook/google and don't want it either are just fucked then? That seems fair.
Your Job Suck?
Get a Better Job
Add Comment