in reply to Re^3: login with google account
in thread login with google account

Fixing it is actually our #1 priority. I just haven't done it because it's extremely complicated and I don't know how to do it.

I don't know how to do it either...I'm almost certainly less close to knowing than you are...

But happy to help where I can...what can I usefully do?

Re^5: login with google account
by ysth (Canon) on Oct 11, 2024 at 20:24 UTC
    Not sure what all jdporter had in mind, but bcrypted passwords seems like it is towards the top of the list. And emailing password reset links instead of passwords is kind of a prerequisite for that.

    --
    A math joke: r = | |csc(θ)|+|sec(θ)| |-| |csc(θ)|-|sec(θ)| |
      ... bcrypted passwords ... emailing password reset links ...

      Those would certainly be big improvements. But something even more secure and convenient, such as OIDC, would be preferable, imho.

        If you are after a data point I can tell you that I'm in favour of hashed passwords (bcrypt or otherwise) and I would not choose to log in to PerlMonks via a Google account through openidc.

        FWIW, I miss BitCard.


        🦛

        I guess that would then be "Login with an(y?) OpenID provider" instead of only "Login with Google"?
        We would use OIDC for the google account login, but it sounds like you are talking about something more than that. Can you say more?
        --
        A math joke: r = | |csc(θ)|+|sec(θ)| |-| |csc(θ)|-|sec(θ)| |
      but bcrypted passwords seems like it is towards the top of the list. And emailing password reset links instead of passwords

      Absolutely!

      But The Monastery is littered with similar suggestions. They usually amount to it being a "good idea" but nobody has the resources (skills, access, time, etc) to actually shoehorn it into the existing architecture.

      It seems to me that a rewrite would be an easier solution and then to either port all the existing for existing threads in or else keep the existing site as an archive. After all, the core parts of PM are not exactly difficult to create...