Hacker News new | ask | show | jobs
by eugenez 4435 days ago
If you use the device token as the authentication and identification, any other app on the device immediately gains the ability to log into your service as that user. May as well use a single password across all services which do this.
1 comments
numair 4435 days ago
On iOS, this is only true for applications that share the same keychain, which would imply they come from the same developer. This is actually a really great under-utilized feature that could be used to create a suite of apps with different behaviors that reference the same anonymous identity.
link
eugenez 4435 days ago
Agreed - shared keychain + unique token would work. Was concerned original post was talking about the advertiser ID as authentication.
link