Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Disclosure, I work in this space, for a company called FusionAuth.

> I don't want to be beholden to oauth providers for my account.

And which email provider are you using? You rely on them too, right? If you use a free email provider like Gmail or others, you are relying on them.

Personally I'm a big fan of letting someone log in any which way they want.

OAuth (or federated login if we're being precise) decreases friction.

Here's a link from Auth0 which references some other links talking about double digit increases in conversions when social login is available: https://auth0.com/blog/how-to-use-social-login-to-drive-your...

If it is a business to business app, and your employer is paying for it, the employer typically want to use their own SAML or OIDC based login system.

It does depend on your user base too. If you are targeting devs, adding login with github is a good idea. For more mass market users, Facebook. If you are in China, you'd be fool not to offer login with WeChat. And so on.

I personally like having email as a backup option and always advocate making it available as a baseline.



>And which email provider are you using? You rely on them too, right? If you use a free email provider like Gmail or others, you are relying on them.

today gmail, next month fastmail, next year self hosted.

once I move off of gmail, all the google oauth stuff breaks. So yea, you might today be beholden to one, but that can easily change


> And which email provider are you using? You rely on them too, right?

Not really, as I use my own domain so can just move that between providers. Exactly because I also don't want to be beholden to a free mail provider either.

> Personally I'm a big fan of letting someone log in any which way they want.

Sure, if people do want to use oauth by all means the should. I just don't think the short term signup convenience outweighs the longer term stuff like:

- annoyances of remembering how you signed up, the initial context I replied to.

- Having a extra service mixed in

- The privacy implications of your oauth provider having a neat list of the services you use.

> Here's a link from Auth0 which references some other links talking about double digit increases in conversions when social login is available: https://auth0.com/blog/how-to-use-social-login-to-drive-your...

Not relevant to me as a user ;) I get why companies provide it. I just choose not to for the reasons already mentioned.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: