Hacker News
by smt88 1059 days ago
> Wouldn't Disney be better served by using something like OIDC on a single domain?

Yes, but even small changes are incredibly time-consuming and expensive at large companies. A coordinated authentication switch like this would cost them millions in person-hours.

> it's confusing to users when their saved credentials don't autofill because they created the account on a different site

Most people log in to these sites via mobile apps, not the web. A majority of people don't even use password managers.

> Second, Disney can't use newer, more secure authentication like passkeys/WebAuthn because those are tied to a single domain.

I don't think Disney cares that much about the appearance of security. They don't tend to maintain highly sensitive profiles for people.