I'm thinking separating user auth (and details required) with something like this from user domain data would drastically reduce the likelihood that one hack could compromise everything all at once.
I think adding more systems increases your odds of being hacked, even if slightly lowering the damage of one hack. I would kinda prefer to avoid hacked all together.
I think adding more systems increases your odds of being hacked, even if slightly lowering the damage of one hack. I would kinda prefer to avoid hacked all together.