7
dakkarant
53d

why is every auth provider utter and complete shit?

why are docs and tutorials that try to teach auth so complete shit?

No wonder there are so many security holes everywhere, nobody bothers to make it simple for the next person.

Next time people that cry about security/bad auth, and work in that field, this one is for you:

Comments
  • 7
    Auth is obtuse, and they make money keeping it that way.

    Or

    Companies are lazy, and any responsibility they can defer to a vendor is deferred

    Or

    Every middle manager is some person who couldn't code their way out of a paper bag, yet feels competent to make technical buying decisions

    Or

    The cloud is hard, and orgs haven't really solved single sign on, so how could they tell if auth was good, bad or indifferent

    Or

    Bc it only has to work for 5 years until I move up in the org and then it's someone else's problem

    Or

    Why should I have to learn how things work? Just make it easy and intuitive and leave me none the wiser about how my security even works.

    Tl;Dr
    Lazy people gon laze. You train your vendors with what you tolerate.
  • 1
  • 1
    @SortOfTested

    >Lazy people gon laze. You train your vendors with what you tolerate.

    +2
  • 0
    I'm quite happy with Auth0, which we inherited from a third party project we took over.
  • 0
    Auth0 is pretty cool
  • 0
    Here's a tutorial I found useful: https://youtu.be/25GS0MLT8JU
Add Comment