[curiousguy]

This makes sense, but this should had ask the account password to confirm, which Jeff’s daughter may know and typed.

IMO, The main issue in here is BigTech obsession with a single login. One single credentials give you access to everything, from entertainment to professional services.

People do share their credentials with family, specially if involves subscription and payment. BigTech try so hard to push for not sharing, but they fail to understand (or don’t care) that most people, specially non American, don’t have the budget to subscribe multiple time. Family accounts are non existent, lacking management options, and also more expensive.

[mariojv]

It would be interesting if there were auth standards related to linking family accounts or different identities. OIDC tries to extend OAuth to human identity characteristics but doesn’t quite get there. Maybe you could hack it in with custom claims, but first class support for codifying relations between users would be neat, instead of having every auth provider roll their own half broken implementation.