Re: [outages] facebook slow

[John Osmon <josmon () rigozsaurus com>]

On Fri, Nov 30, 2018 at 04:12:27PM -0500, valdis.kletnieks () vt edu wrote:
[...]
> There's the additional factor that security is always about trade-offs - for
> many sites, the dangers of using social media logins are *far* outweighed
> by being able to just have a big shiny "Log in using Facebook" button instead
> of making the user set up an account, pick a password, send them a verification
> e-mail, then they have to read their e-mail and click on the link.  Do that, and
> they just left for another site.  Doesn't take many people leaving for another
> site before any added "security" added by doing authentication yourself is
> outweighed by lost traffic.

What is better for the site could be diametrically opposed to what is
good for the end user.  (Yet another trade-off.)

Personally, the process of setting up a separate account for
each site is a hoop I require before I will sign up for/with a service.

I don't *CARE* if the individual site is compromised, as long as my
other logins are disconnected from it completely.  (For me, that means
separate usernames and password pairs for each site.)

I suspect there is a choir here to which I am preaching...