This really should be titled ‘Passwords – Part 3’.
But given that I have only thought about and never written the first two parts, its all a bit of jumble.
So, in the spirit of opening the blog tap, you just have to tough it out.
We all have (or should have) too many passwords.
Whats that? You only have one or two?
Ok, fine, move along, this is not the blog you are looking for…..
We all have different ways and methods to generate and keep track of which websites use which passwords.
I have lost track of the different methods I use. So now I have a document.
It requires a password and a cycling keycode to gain access to. Its 14 pages long.
14 pages of passwords. 14 A4 pages of passwords. And this from a guy that considers that he does not get on the web much. (My boss uses a password manager program – My guess his doc (if he had one) would run at something like 40-50 pages at a guess).
Anyway, some websites offer the option to log in with another websites password… I knew of this option, have used it a bit. For example. I log into my running app, Strava, using my Facebook password.
I have never coded such login options, but knew the basics since we are looking at what login / password options we have with Opto hardware (there are services I would like the Opto controller to use, but it needs to authenticate with said service to gain access to its data).
All that boils over from this;
https://medium.com/on-coding/the-unexpected-costs-of-third-party-login-cda41c087653
Really interesting that they found so many users having an issue, and the problems they have.
Right now I am thinking about what this means going forward…. We all have some core websites we use. What if we could log in to many other web sites with this core sits credentials, not just a few, but many. Would that really ease our password dilemma or just become a major security issue?
Would it really speed to market new apps and websites?
How often do new ideas get stalled because they can’t figure out how to make a sweet login process?
How many databases of username, email and password are orphaned out there in computerland? (Just waiting to be harvested).
This process of logging in with another sites credidentals uses a thing called oAuth. There are two (at least) versions of oAuth. You really need to support both. Its a mess. Its a real mess. Coding this stuff into a website or app is just a mess.
I’m going to stop now. Passwords are such an ugly topic that really needs part 1 and 2 written before we get to this entry. It will never happen, so don’t panic.
