Campfyre
  • Communities
  • Create Post
  • Create Community
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
FoxtrotDeltaTango@sh.itjust.works to Programmer Humor@programming.dev · 19 days ago

Why?

quokk.au

external-link
message-square
29
fedilink
84
external-link

Why?

quokk.au

FoxtrotDeltaTango@sh.itjust.works to Programmer Humor@programming.dev · 19 days ago
message-square
29
fedilink

cross-posted from: https://quokk.au/c/mildlyinfuriating/p/990534/why

How hard is it to implement email verification?

alert-triangle
You must log in or # to comment.
  • thejml@sh.itjust.works
    link
    fedilink
    arrow-up
    30
    ·
    19 days ago

    Google and youtube are the same login though…

    Honestly i like these buttons from a user/security POV as oauth only passes back a “login successful” reply and an identifier to associate an account with. Less PII to spread around the internet.

    • bus_factor@lemmy.world
      link
      fedilink
      arrow-up
      20
      ·
      19 days ago

      This is fine for stuff I don’t care that much about, like an account with your hairdresser or a pizza place, but if you tie all your actually important stuff to the same account and you get locked out for whatever reason, now you’re locked out of your whole life.

      I prefer unique passwords and a password manager. But you do have to back up the password manager data as well as any data you have with cloud providers.

      • valar@lemmy.ca
        link
        fedilink
        arrow-up
        16
        ·
        19 days ago

        For me the bigger issue is privacy. If you’re using Google to log into everything, Google gets to add all of that activity to their profile on you, and track you as you use every website you go to. No thanks. Google doesn’t need to know I’m buying a pizza tonight.

        • bus_factor@lemmy.world
          link
          fedilink
          arrow-up
          5
          ·
          19 days ago

          That is also a concern and why I always default to a separate account even for those things, but I wouldn’t assume that data doesn’t get sold to Google regardless.

          • valar@lemmy.ca
            link
            fedilink
            arrow-up
            2
            ·
            19 days ago

            I prefer to use different email aliases for everything to mitigate that

            • Paragone@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              ·
              18 days ago

              from what i’ve read, ALL email ( possible 0.000something tolerance/error ) goes through google’s mail-transfer-agents.

              If they want a copy of every email that goes across the internet, they’ve got the saturation-of-core-servers to have that.

              There simply isn’t any way to bypass that.


              on an irrelated note, i wish public key encryption had been normalized, & worked right…

              ( Snowden got stung by a misconfiguration, 1 time, & if geeks get stung, then it isn’t ready for normals )

              🙏

          • partofthevoice@lemmy.zip
            link
            fedilink
            arrow-up
            0
            ·
            18 days ago

            Google knows when you use their services to sign in, and for what third party they’re authorizing the requests. The data doesn’t need to be sold back to Google.

            • bus_factor@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              18 days ago

              I’m talking about when you don’t use Google to login.

      • thejml@sh.itjust.works
        link
        fedilink
        arrow-up
        1
        ·
        19 days ago

        Yeah, I don’t use this for banks and such.

    • clb92@feddit.dk
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      19 days ago

      I hate it when it afterwards still prompts me to create a full account, on some badly made sites. Why even allow oauth login if I still have to give you all my personal data…

    • Quibblekrust@thelemmy.club
      link
      fedilink
      English
      arrow-up
      1
      ·
      17 days ago

      oauth only passes back a “login successful” reply and an identifier to associate an account with

      Right, it’s a unique login token the website or app uses to ID you, and it keeps you logged in as long as you don’t delete the associated cookie. In addition, it can be revoked by you at any time, essentially logging you out (including anyone who may have stolen your cookie and is using it to impersonate you).

      It’s better than using the same password everywhere, but not as good as using a password manager with unique passwords for every app and website.

    • over_clox@lemmy.world
      cake
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      18 days ago

      Are you sure about that? I had my Google account since before they acquired YouTube. During their acquisition and merger, so as to not corrupt or pollute their merging databases I presume, I was forced to pick a different username for YouTube than my Google account, and that still stands to this day, even though both are indeed effectively the same account… 🤦‍♂️☹️

  • Zak@lemmy.world
    link
    fedilink
    arrow-up
    15
    ·
    18 days ago

    Because big players (other than StackExchange) never adopted OpenID where you could paste in an arbitrary URL for your identity provider.

    Also, OpenID probably shot itself in the foot by using a URL instead of something shaped like an email address, which would have allowed a zero-effort upgrade for the user if an email provider also wanted to offer OpenID.

  • kehet@sopuli.xyz
    link
    fedilink
    arrow-up
    15
    ·
    18 days ago

    I hate this. I don’t want to remember which provider I use for each site and I don’t want accidentally give too many permissions while logging in. Just give me email and password inputs, don’t block password managers and don’t force any magick link nonsense and I’m happy. I don’t even need passkey support

    • Hudell@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      6
      ·
      18 days ago

      Best I can do is password login that requires passwords to be typed from a specific keyboard app. You know, for security.

  • neidu3@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    12
    ·
    18 days ago

    No Pornhub option?

    • ☭可爱小猫☭@programming.dev
      link
      fedilink
      arrow-up
      4
      ·
      18 days ago

      wait pornhub provides oauth? it would be funny if it does

  • raman_klogius@ani.social
    link
    fedilink
    English
    arrow-up
    7
    ·
    18 days ago

    Just one more third party auth bro I promise you’ll capture 100% demographic bro

  • Codpiece@feddit.uk
    link
    fedilink
    arrow-up
    5
    ·
    19 days ago

    Where humour?

  • pewgar_seemsimandroid@lemmy.blahaj.zone
    link
    fedilink
    arrow-up
    3
    ·
    18 days ago

    What do they mean YouTube and google are seperate, are they covering the people who haven’t migrated their 2005 YouTube account to a google account?

  • allywilson@lemmy.ml
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    19 days ago

    If you host your own DB of users and passwords you are a target. Offloading it to as many wide-spread oauth providers as possible is a smart move.

    • refalo@programming.dev
      link
      fedilink
      arrow-up
      6
      ·
      19 days ago

      Tell that to all the people whose google accounts of 20+ years got locked out with zero recourse or warning.

      • over_clox@lemmy.world
        cake
        link
        fedilink
        arrow-up
        0
        ·
        18 days ago

        Um, wait what? I’m in the 20+ year Google category…

        I very rarely use Google anymore, but I do have a Google and YouTube account, plus my EBay account is also tied to my Google account, and I haven’t had any such issues…

        So what the hell happened to others? Do you have a brief breakdown, and perhaps an article link or something?

        • refalo@programming.dev
          link
          fedilink
          arrow-up
          2
          ·
          18 days ago

          https://old.reddit.com/r/googlephotos/comments/1to6cbi/i_keep_reading_about_google_accounts_being_banned/

          https://old.reddit.com/r/degoogle/comments/zuuf84/my_account_was_disabled_for_a_false_violation_of/

          https://old.reddit.com/r/GoogleSupport/comments/1nnrikh/google_disabled_my_account_for_making_a_new_one/

          https://old.reddit.com/r/Android/comments/wu1wbc/google_bans_mans_account_will_not_reinstate_even/

          https://old.reddit.com/r/GoogleSupport/comments/1qwed02/google_permanently_disabled_my_account_after/

          https://old.reddit.com/r/GoogleSupport/comments/1pjwmyj/20_year_old_google_account_disabled_2_days_ago/

          https://old.reddit.com/r/GoogleSupport/comments/1r92kuh/google_account_disabled_for_harmful_content/

  • printf("%s", name);@piefed.blahaj.zone
    link
    fedilink
    English
    arrow-up
    2
    ·
    18 days ago

    Nothing could compel me to sign up for shit like this 🤣

    On a serious note, I just recently made some progress in my C skills, which inspired me to for the first time search for “how to make a GUI”. No. Just, no. 😵‍💫 I’m glad there’s backend and frontend, and those that do fullstack are not of this world. 🥹

  • blarghly@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    19 days ago

  • SatoruToru@sh.itjust.works
    link
    fedilink
    arrow-up
    1
    arrow-down
    1
    ·
    18 days ago

    Login with vk 💀, already make me think i shouldn’t use this service

  • ComradePenguin@lemmy.ml
    link
    fedilink
    arrow-up
    0
    arrow-down
    1
    ·
    edit-2
    18 days ago

    I like this. I want to be able to quickly test the product and if I like it, I make an account afterwards with my email. So I’ve recently been trying a lot of API services for various things and being able to test it quickly and then just delete my account. I see that as a win. Should have email also

    • SayCyberOnceMore@feddit.uk
      link
      fedilink
      English
      arrow-up
      2
      ·
      18 days ago

      Why not use a temporary email provider for testing? Click the email verification link, try it out…

      If happy re-register with real email account Else Close the browser tab Endif

Programmer Humor@programming.dev

programmer_humor@programming.dev

Subscribe from Remote Instance

Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

  • Keep content in english
  • No advertisements
  • Posts must be related to programming or programmer topics
Visibility: Public
globe

This community can be federated to other instances and be posted/commented in by their users.

  • 1.33K users / day
  • 2.75K users / week
  • 4.97K users / month
  • 18.5K users / 6 months
  • 1 local subscriber
  • 32.2K subscribers
  • 2.37K Posts
  • 87.4K Comments
  • Modlog
  • mods:
  • Feyter@programming.dev
  • adr1an@programming.dev
  • BurningTurtle@programming.dev
  • Pierre-Yves Lapersonne@programming.dev
  • BE: 0.19.7
  • Modlog
  • Legal
  • Instances
  • Docs
  • Code
  • join-lemmy.org