|
|
|
|
|
|
by claystraw
1674 days ago
|
|
|
Ah, thank you for the clarification and I agree! Another point is that 3rd party tools can easily deactivate profiles (we've seen enough posts on HN about being locked out of a Google account) which means users loose access to your system unless you have fallbacks in place. It's also important to note that almost no 3rd party providers offer the ability to require 2FA as part of their flows. So if you need 2FA and similar, you'll end up with your own system again. And you'll probably use passwords, because proving that you own two things - eg email and device - is not a second factor. If someone steals your laptop (something you no longer own :D ) it's just one factor! |
|
|