SSO – Shit Security Option

Let’s assume that I want to use some random webapp. I don’t know… Strava, Perplexity, whatever. Maybe I want to play some stupid online game. Whatever.

And there is one thing that pisses me off – forcing me to use SSO where I should use no account or have the possibility to use just login+pass and some kind of second factor 😉 just because I think that should be. But hey… If you are making some stupid shit and you are too lazy or stupid to implement login+pass+MFA but force me to pass my FB or G or any other account from another company.

Sorry, but I hate it. Sharing ONE account everywhere, or two because you cannot have FB on G, or LI on FB… whatever… it’s shit. It is stupid. If you want any of my data – you have to do some things by yourself.

You have to provide me an option to just use login+password+MFA. It is very simple – really. We – the IT industry – have done it before, and we all have access to papers about how to do it in line with the art of coding. Really, it’s not hard. Just take these papers and implement it.

Oh and – it’s important – allow us to use MULTIPLE authentication methods for ONE account. Like – I register using login+password+MFA BUT later I can add my G SSO and F SSO and LI and … have many of them. Because it is possible and it’s better for you – the app owner.

Because IF I lose access to my X account because I am too lefty or I am from Iran or whatever… I can still use your app using login+password or using some other SSO… And you don’t own Google or Facebook or whatever, and you cannot be sure that they will not create a new “great” app that will be a clone of your app… and while you made it really great, they just decide that “sso on yourgreatapp.com” is no longer active… and no user will be able to restore their accounts… but they can start free now on GClone or FBClone…
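A sketch of the "many sign-in methods on ONE account" model described above, as an added example that is not code from the original post. The class, method and provider names (`AccountStore`, `idp-a`, and so on) are hypothetical, and the store assumes the password+MFA check or the SSO assertion has already been verified before any of these calls.

```python
class LinkError(Exception): pass

class AccountStore:
    """One account, many sign-in methods, each keyed as (provider, subject)."""
    def __init__(self):
        self.methods = {}      # account_id -> set of (provider, subject)
        self.owner = {}        # (provider, subject) -> account_id
        self.disabled = set()  # providers that no longer work for this app

    def _bind(self, account_id, provider, subject):
        key = (provider, subject)
        # An external identity may belong to exactly one account.
        if self.owner.get(key, account_id) != account_id:
            raise LinkError("identity already linked to another account")
        self.owner[key] = account_id
        self.methods.setdefault(account_id, set()).add(key)

    def register(self, account_id, provider, subject):
        if account_id in self.methods: raise LinkError("account already exists")
        self._bind(account_id, provider, subject)

    def link(self, session_account_id, provider, subject):
        # Only an already signed-in session may add a method, and only to itself.
        if session_account_id not in self.methods: raise LinkError("not signed in")
        self._bind(session_account_id, provider, subject)

    def usable(self, account_id):
        return {m for m in self.methods[account_id] if m[0] not in self.disabled}

    def unlink(self, account_id, provider, subject):
        key = (provider, subject)
        if self.owner.get(key) != account_id:
            raise LinkError("method is not linked to this account")
        if self.usable(account_id) == {key}:
            raise LinkError("refusing to remove the last working sign-in method")
        self.methods[account_id].discard(key)
        del self.owner[key]

    def login(self, provider, subject):
        # Returns the account id, or None if the provider is gone or unknown.
        return None if provider in self.disabled else self.owner.get((provider, subject))

    def stranded(self):
        # Accounts with no working sign-in method left.
        return sorted(a for a in self.methods if not self.usable(a))

def demo():
    s = AccountStore()                                     # constructed sample data
    s.register("alice", "password", "alice@example.test")
    s.link("alice", "idp-a", "sub-1001")                   # adds SSO to the same account
    s.register("bob", "idp-a", "sub-2002")                 # SSO-only account
    s.disabled.add("idp-a")                                # provider drops the app
    return s.login("password", "alice@example.test"), s.login("idp-a", "sub-2002"), s.stranded()
```

Keying on the provider's subject identifier rather than the e-mail address keeps two different people with the same mailbox name at two providers from being merged into one account.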

So – friends – fuck this SSO trend and just allow us to use mail+pass+MFA + multiple SSO … all of them on ONE account. Because we can.