dk2 at February 3rd, 2013 02:27 — #1
What does everyone think if we switch DevMaster to use OpenID exclusively and drop the internal account creation / sign-in process?
Do people generally prefer using a specific username/password for a website or do you prefer using an OpenID provider if possible?
reedbeta at February 3rd, 2013 03:29 — #2
I would be happy using OpenID. It's convenient to use my Google account to sign into websites; that has 2-factor authentication and suchlike, so I have less to worry about in terms of security. I use it for all my StackExchange accounts.
stainless at February 3rd, 2013 05:29 — #3
I don't use any sort of account aggregator, don't trust them.
I use a separate password for every site, I wouldn't swap to using OpenID
vilem_otte at February 3rd, 2013 13:56 — #4
Same as Stainless, I just don't trust account aggregators. Separate (and mostly different) password on every site is a lot more secure, than using just simple OpenID.
As for *random automatic spamming accounts*, using OpenID won't work, because basically they can do the same on OpenID and log in through OpenID here... so that argument is invalid.
thenut at February 3rd, 2013 14:47 — #5
I haven't used OpenID. I'm against such services primarily on the grounds of privacy, and secondly on the grounds of security. If Devmaster were to use OpenID I would just create a singular account for this one website, which would defeat the purpose of its function. You can consider my vote neutral on the subject
rouncer at February 3rd, 2013 15:51 — #6
vote for. It could be good spam avoidance.