you still have to trust the client device. but i guess if someone else is there ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		v2223943777435 on Oct 12, 2023 \| parent \| context \| favorite \| on: Show HN: Obligator – An OpenID Connect server for ... you still have to trust the client device. but i guess if someone else is there you're screwed anyway. also, email has a potential for a big delay. a lot of times people need to log in quickly. email doesn't always reach the destination in a timely manner.

apitman on Oct 12, 2023 [–]

The UX challenges are real, no doubt about that. That's actually one of the main reasons I started down the OIDC rabbit hole. I was using only passwordless email logins on my services, and wanted to provide my users with the UX of social login without forcing them to give up their privacy to ad companies.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact