Comment by Ekaros
5 years ago
I don't want that either. Why should I tell google or github which sites I use... And tie also the accounts there to my google account.
5 years ago
I don't want that either. Why should I tell google or github which sites I use... And tie also the accounts there to my google account.
"I don't want that either."
Then use a password manager. Pick your poison.
Thats how we end up with apps without passeords, with just phone number/sms verification
This is what openid (the original) was designed to fix. You get to own your identity and delegate it if desired. But adoption didn't really happen.
But I get it. Maybe a throwaway email address is the right way around it for you?
"Throwaway email address" has gotten a lot tougher in the last 10 years. It's not impossible, but many providers demand a phone number or email verification. The ones who don't are used by bots, so those email addresses aren't universally accepted by sites that require email verification.
Fair enough. It depends on your definition of throwaway. I didn't mean totally anonymous, I meant anonymous to who runs the forum (which was, I believe the main objection in the original thread post: I don't want my private data available to the random owner of a forum).
If I set up foobarguy@gmail.com and use email verification because gmail requires me too, gmail can tie foobarguy@gmail.com to another email account.
But if I then use foorbarguy@gmail.com for $RANDOMFORUM, $RANDOMFORUM admin doesn't have any idea who I am. If they spam me or lose my password, I can just abandon foobarguy@gmail.com and set up barbazguy@gmail.com.
What am I missing?
2 replies →
Why need openid when pgp exists?
Because pgp is broken and obsolete
1 reply →